apple / app-store-server-library-python

MIT License

How to implement load_root_certificates in the README #41

Closed shellfly closed 10 months ago

shellfly commented 10 months ago
```python
from appstoreserverlibrary.models.Environment import Environment
from appstoreserverlibrary.signed_data_verifier import VerificationException, SignedDataVerifier

root_certificates = load_root_certificates()
enable_online_checks = True
bundle_id = "com.example"
environment = Environment.SANDBOX
signed_data_verifier = SignedDataVerifier(root_certificates, enable_online_checks, environment, bundle_id)

try:
    signed_notification = "ey.."
    # Pass the signed payload to the verifier
    payload = signed_data_verifier.verify_and_decode_notification(signed_notification)
    print(payload)
except VerificationException as e:
    print(e)
```

In the Verification Usage section, there is a load_root_certificates function, but I don't find the implementation. How should I implement this correctly?

alexanderjordanbaker commented 10 months ago

load_root_certificates is meant to be a stand-in for a function that will load the value of the certificates you download from https://www.apple.com/certificateauthority/ under the Apple Root Certificates section. Because these can be passed different ways, via a file, environment argument, or some other type of loader, the specific implementation is left to the user.

shellfly commented 10 months ago

@alexanderjordanbaker Thanks for the reply, there are four root certificates listed on the website, but I don't find any description to describe the difference. Do I need to download all of them or is it sufficient to download just one?

alexanderjordanbaker commented 10 months ago

If you were to decode a cert today you would find the G3 root cert, but we recommend downloading all of them. It does take an array of certs in the constructor.

shellfly commented 10 months ago

@alexanderjordanbaker Okay, it would be better to have this information on the README as well, thanks again for the help.

pduvall commented 6 months ago

For any future readers, here is one possible implementation of load_root_certificates() where the 3 .cer files (https://www.apple.com/certificateauthority/) are loaded from the filesystem:

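```python
def load_root_certificates():
    # Root certificate files downloaded from https://www.apple.com/certificateauthority/
    cert_paths = [
        'certs/AppleRootCA-G3.cer',
        'certs/AppleRootCA-G2.cer',
        'certs/AppleIncRootCertificate.cer',
    ]
    certs = []
    for path in cert_paths:
        # Read each certificate as raw bytes; the context manager closes the file
        with open(path, 'rb') as file:
            certs.append(file.read())

    return certs
```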

This is by no means the only implementation (or even necessarily a 'good' one, what with the hardcoded file paths). But it will enable you to get started with the App Store Server Library in Python.
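
An added example, not part of the thread or of the library's own code: because these files are the trust anchors handed to SignedDataVerifier, this variant of load_root_certificates() fails closed unless every file in the directory matches a SHA-256 fingerprint recorded when it was downloaded. The `cert_dir` and `pinned_sha256` parameters, `RootCertificateError`, and the constructed stand-in bytes in `demo()` are assumptions of this example.

```python
import hashlib
import tempfile
from pathlib import Path


class RootCertificateError(Exception):
    """Raised when the on-disk trust anchors do not match the pinned set."""


def load_root_certificates(cert_dir, pinned_sha256):
    """Return the bytes of every .cer file in cert_dir, failing closed.

    pinned_sha256 maps file name -> expected SHA-256 hex digest, recorded
    by the operator when the files were downloaded (an assumption of this
    example, not a feature of the library).
    """
    cert_dir = Path(cert_dir)
    found = {p.name: p.read_bytes() for p in sorted(cert_dir.glob("*.cer"))}

    missing = set(pinned_sha256) - set(found)
    unexpected = set(found) - set(pinned_sha256)
    if missing or unexpected:
        raise RootCertificateError(
            f"missing={sorted(missing)} unexpected={sorted(unexpected)}")

    certs = []
    for name, der in found.items():
        # A DER-encoded X.509 certificate starts with an ASN.1 SEQUENCE tag
        # (0x30); a PEM file or an HTML page saved as .cer is rejected here.
        if not der.startswith(b"\x30"):
            raise RootCertificateError(f"{name}: not DER-encoded")
        digest = hashlib.sha256(der).hexdigest()
        if digest != pinned_sha256[name].lower():
            raise RootCertificateError(f"{name}: fingerprint mismatch")
        certs.append(der)
    return certs


def demo():
    """Run the loader over constructed stand-in files (not real Apple certs)."""
    with tempfile.TemporaryDirectory() as tmp:
        blobs = {"AppleRootCA-G3.cer": b"\x30\x82constructed-g3",
                 "AppleRootCA-G2.cer": b"\x30\x82constructed-g2"}
        for name, data in blobs.items():
            Path(tmp, name).write_bytes(data)
        pins = {n: hashlib.sha256(d).hexdigest() for n, d in blobs.items()}
        return load_root_certificates(tmp, pins)
```

An extra `.cer` file in the directory is treated as an error rather than loaded, so a certificate dropped next to the real ones never becomes a trust anchor.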