search

m-click / requests_pkcs12

Add PKCS#12 support to the Python requests library in a clean way, without monkey patching or temporary files
ISC License
123 stars 33 forks source link

OpenSSL.SSL.Error: [('SSL routines', '', 'ca md too weak')] #34

Closed KyleGobel closed 1 year ago

KyleGobel commented 1 year ago

On a machine I'm running it has OpenSSL 3.x, the CA I'm using cannot be changed and is stuck using sha1.

Is there a way from code with this library to set it/open ssl to allow this now considered 'weak' hashing ?

I've been trying to guess and check with things like the following -- but no change in behavior

requests_pkcs12.urllib3.contrib.pyopenssl.DEFAULT_SSL_CIPHER_LIST = 'ALL:@SECLEVEL=0'
requests_pkcs12.urllib3.contrib.pyopenssl.util.ssl_.DEFAULT_CIPHERS = 'ALL:@SECLEVEL=0'
requests_pkcs12.OpenSSL.crypto.DEFAULT_CIPHER = 'ALL:@SECLEVEL=0'
vog commented 1 year ago

Please repeat your question to the pyOpenSSL project. There is nothing the requests_pkcs12 project can do about this.