Inconsistent return types between SSLSocket and SSLObject certificate chain APIs
Bug report
Bug description:
The get_verified_chain() and get_unverified_chain() APIs for SSLSocket were updated in #109113, but the API wasn't updated for SSLObject. This leads to inconsistent return types, one returns _ssl.Certificate and the other returns bytes. It appears from #109113 that bytes is what's expected.
This caused an issue for Windows and macOS using Truststore which relies on these APIs for verifying certificates. A bugfix is coming for Truststore, but these APIs should return the same type.
cc @matiuszka
CPython versions tested on:
3.13, CPython main branch
Operating systems tested on:
Linux, Windows
Linked PRs
- gh-118658: Return consistent types from
get_un/verified_chaininSSLObjectandSSLSocket#118669 - [3.13] gh-118658: Return consistent types from
get_un/verified_chaininSSLObjectandSSLSocket(GH-118669) #123082 - gh-118658: Modify cert generation script to extract cert3.pem #124598
- gh-118658: Modify cert generation script to extract cert3.pem #124599
- [3.13] gh-118658: Modify cert generation script to extract cert3.pem (GH-124598) #124972