You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The WebClient.py sample script currently relies on loading the client certificate (incl. private key) from a file instead of the Windows certificate store. This makes it incompatible with secure TPM-based storage of the private key.
Python truststore issue: sethmlarson/truststore#78
The
WebClient.py
sample script currently relies on loading the client certificate (incl. private key) from a file instead of the Windows certificate store. This makes it incompatible with secure TPM-based storage of the private key.Resources
It seems like Python 3.10 includes improvements in this area that will hopefully enable direct usage of the Windows certificate store (see https://sethmlarson.dev/blog/experimental-python-3.10-apis-and-trust-stores).
Python SSL sources:
_load_windows_store_certs("My", ssl.Purpose.CLIENT_AUTH)
looks interesting but doesn't seem to help)ssl_collect_certificates
: https://github.com/python/cpython/blob/main/Modules/_ssl.c#L5380OpenSSL sources:
The text was updated successfully, but these errors were encountered: