api.clever.com and new SSL certs#6
Conversation
There was a problem hiding this comment.
@nathanleiby I experimented a little with the verify option but don't think it verifies the entire CA chain.
Example: api.twitter.com, api.stripe.com or api.facebook.com will fail when verifying with our cert chain, but not api.github.com
requests.get('https://api.github.com', verify='path-to-our-cert-bundle')returns a 200
There was a problem hiding this comment.
Interesting- is this a new issue with clever.com_ca_bundle.crt or the same behavior as before?
There was a problem hiding this comment.
Is not a issue with the new ca_bundle as far as I see. And the behavior does not seem very dangerous to me, since the only way to have a website be verified is to use the same CA (DigiCert High Assurance EV) as we use.
I'll experiment some more going forward and should add a comment in the code.
|
The non-cert changes all look fine. |
api.clever.com and new SSL certs

No description provided.