Message 301526 - Python tracker (original) (raw)

It might be useful to expose SSL_get_verify_result, https://wiki.openssl.org/index.php/Manual:SSL_get_verify_result(3) . The function returns the last verification error of 0 for no error. Application could still verify the chain with verify_mode = CERT_NONE.

import socket, ssl ctx = ssl.SSLContext() s = ctx.wrap_socket(socket.socket()) s.connect(('www.python.org', 443)) s._sslobj._sslobj.get_verify_result() (20, 'unable to get local issuer certificate')