debfx / check_dane

Nagios/Icinga plugin for checking DANE/TLSA records
GNU General Public License v3.0

TLSA Certificate Usage modes 0 and 2 are not supported #5

Open hufman opened 7 years ago

hufman commented 7 years ago

Configuring acceptable CAs with TLSA records (usage modes 0 and 2) is not supported with this script, and the script returns the (slightly inaccurate) message saying "Certificate doesn't match TLSA record". I don't know how to get the full certificate chain from the server response, otherwise I would work on adding this support. Thanks for the excellent script!

debfx commented 7 years ago

> I don't know how to get the full certificate chain from the server response

Doesn't seem to be possible with the ssl module: http://bugs.python.org/issue18233
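The following is an added example, not part of the issue thread or of check_dane's code. It shows why usage modes 0 and 2 need the whole chain: those records normally pin a CA, so a leaf-only comparison reports a mismatch. The `Cert` and `TLSA` types, `match_chain`, and the sample bytes are assumptions constructed for illustration, and the caller is assumed to have already obtained each certificate's DER and SubjectPublicKeyInfo.

```python
import hashlib
from typing import NamedTuple, Optional, Sequence

class Cert(NamedTuple):
    der: bytes   # whole certificate, DER-encoded
    spki: bytes  # its SubjectPublicKeyInfo, DER-encoded

class TLSA(NamedTuple):
    usage: int     # 0 PKIX-TA, 1 PKIX-EE, 2 DANE-TA, 3 DANE-EE
    selector: int  # 0 full certificate, 1 SubjectPublicKeyInfo
    mtype: int     # 0 exact match, 1 SHA-256, 2 SHA-512
    data: bytes    # certificate association data from the record

_MATCHING = {
    0: lambda b: b,
    1: lambda b: hashlib.sha256(b).digest(),
    2: lambda b: hashlib.sha512(b).digest(),
}

def record_matches_cert(rec: TLSA, cert: Cert) -> bool:
    if rec.selector not in (0, 1) or rec.mtype not in _MATCHING:
        return False  # unknown selector or matching type: record is unusable
    selected = cert.der if rec.selector == 0 else cert.spki
    return _MATCHING[rec.mtype](selected) == rec.data

def match_chain(rec: TLSA, chain: Sequence[Cert]) -> Optional[int]:
    """Return the index in chain that the record matches, or None.

    chain[0] is the server (leaf) certificate, followed by its issuers.
    """
    if rec.usage in (1, 3):
        candidates = chain[:1]   # end-entity usages: leaf only
    elif rec.usage in (0, 2):
        candidates = chain       # CA / trust-anchor usages: any chain member
    else:
        return None
    for index, cert in enumerate(candidates):
        if record_matches_cert(rec, cert):
            return index
    return None

# Constructed placeholder bytes standing in for real DER structures.
SAMPLE_CHAIN = [
    Cert(b"constructed-leaf-der", b"constructed-leaf-spki"),
    Cert(b"constructed-intermediate-der", b"constructed-intermediate-spki"),
    Cert(b"constructed-root-der", b"constructed-root-spki"),
]
```

This covers only the record-to-certificate comparison. Usages 0 and 1 also require the chain to pass normal PKIX validation, and usage 2 requires the leaf to validate up to the matched certificate.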