Closed shellfly closed 10 months ago
load_root_certificates is meant to be a stand-in for a function that will load the value of the certificates you download from https://www.apple.com/certificateauthority/ under the Apple Root Certificates section. Because these can be passed different ways, via a file, environment argument, or some other type of loader, the specific implantation is left to the user
@alexanderjordanbaker Thanks for the reply, there are four root certificates listed on the website, but I don't find any description to describe the difference. Do I need to download all of them or is it sufficient to download just one?
If you were to decode a cert today you would find the G3 root cert, but we recommend downloading all of them. It does take an array of certs in the constructor.
@alexanderjordanbaker Okay, it would be better to have this information on the README as well, thanks again for the help.
For any future readers, here is one possible implementation of load_root_certificates()
where the 3 .cer files (https://www.apple.com/certificateauthority/) are loaded from the filesystem:
def load_root_certificates():
cert_paths = [
'certs/AppleRootCA-G3.cer',
'certs/AppleRootCA-G2.cer',
'certs/AppleIncRootCertificate.cer',
]
certs = []
for path in cert_paths:
file = open(path, 'rb')
cert = file.read()
file.close()
certs.append(cert)
return certs
This is by no means the only implementation (or even necessarily a 'good' one, what with the hardcoded file paths). But it will enable you to get started with the App Store Server Library in Python.
In the Verification Usage section, there is a
load_root_certificates
function, but I don't find the implementation. How should I implement this correctly?