Support on winhttp #641

phoebusm · 2024-03-05T01:11:14Z

Hello I am trying to incorporate trustme in the CA SSL verification testing in a opensourced project. Experience on Linux is good but run into error with winhttp:
Send request failed: The certificate authority is invalid or incorrect
I googled but could not find any evidence explicitly suggesting the trustm support on winhttp. So I wonder how is it?

The text was updated successfully, but these errors were encountered:

pquentin · 2024-03-05T05:30:59Z

Hello! I'm not familiar with WinHTTP. If you figure out why it considers the CA is invalid, then we can fix it. The same way we fixed OpenSSL support on Windows by "only" using 3000 as the default expiry date:

trustme/src/trustme/__init__.py

Lines 33 to 38 in dd106e4

    
           # Default certificate expiry date: 
        
           # OpenSSL on Windows fails if you try to give it a date after 
        
           # ~3001-01-19: 
        
           #   https://github.com/pyca/cryptography/issues/3194 
        
           DEFAULT_EXPIRY = datetime.datetime(3000, 1, 1) 
        
           DEFAULT_NOT_BEFORE = datetime.datetime(2000, 1, 1)

pquentin · 2024-10-07T07:13:56Z

Closing for now as I have not heard back from you.

phoebusm mentioned this issue Mar 5, 2024

Study and add tests for SSL verification for S3 on Windows and MacOS man-group/ArcticDB#1394

Open

pquentin closed this as completed Oct 7, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support on winhttp #641

Support on winhttp #641

phoebusm commented Mar 5, 2024 •

edited

Loading

pquentin commented Mar 5, 2024

pquentin commented Oct 7, 2024

Support on winhttp #641

Support on winhttp #641

Comments

phoebusm commented Mar 5, 2024 • edited Loading

pquentin commented Mar 5, 2024

pquentin commented Oct 7, 2024

phoebusm commented Mar 5, 2024 •

edited

Loading