[oe] SSL Certificate Path for Python
Ash Charles
ashcharles at gmail.com
Tue Jul 7 00:16:59 UTC 2015
Hi,
With the move from python 2.7.3 (dizzy) to 2.7.9 (fido), Python
actually validates SSL-transport for https URLs [1]. Python, by
default (i.e. no environment variable SSL_CERT_DIR set), looks for
certificates at '/usr/lib/ssl/certs'. I tested this in a Python
shell:
import ssl
ssl.get_default_verify_paths()
The ca-certificates recipe seems to be installing certificates to
${D}${sysconfdir}/ssl/certs or /usr/share/ca-certificates/mozilla/
instead. I think that Python will need a way to find the system's
certificates. I can create a patch to do this but this seems to
couple the configuration in the ca-certificates and python recipes.
Has anyone stumbled across this issue? Is there a standard way of
looking up where a system is storing its certificates?
[1] https://www.python.org/dev/peps/pep-0476/
Thanks for any insights---I'm learning much more about SSL
certificates than I expected today ;-).
--Ash
More information about the Openembedded-devel
mailing list