Issue #17134: check certs of CA and ROOT system store

1 files changed, 14 insertions, 13 deletions

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 4ebc4b0..10d25e9 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -536,21 +536,22 @@ class BasicSocketTests(unittest.TestCase):
         self.assertRaises(TypeError, ssl.enum_certificates)
         self.assertRaises(WindowsError, ssl.enum_certificates, "")
 
-        names = set()
-        ca = ssl.enum_certificates("CA")
-        self.assertIsInstance(ca, list)
-        for element in ca:
-            self.assertIsInstance(element, tuple)
-            self.assertEqual(len(element), 3)
-            cert, enc, trust = element
-            self.assertIsInstance(cert, bytes)
-            self.assertIn(enc, {"x509_asn", "pkcs_7_asn"})
-            self.assertIsInstance(trust, (set, bool))
-            if isinstance(trust, set):
-                names.update(trust)
+        trust_oids = set()
+        for storename in ("CA", "ROOT"):
+            store = ssl.enum_certificates(storename)
+            self.assertIsInstance(store, list)
+            for element in store:
+                self.assertIsInstance(element, tuple)
+                self.assertEqual(len(element), 3)
+                cert, enc, trust = element
+                self.assertIsInstance(cert, bytes)
+                self.assertIn(enc, {"x509_asn", "pkcs_7_asn"})
+                self.assertIsInstance(trust, (set, bool))
+                if isinstance(trust, set):
+                    trust_oids.update(trust)
 
         serverAuth = "1.3.6.1.5.5.7.3.1"
-        self.assertIn(serverAuth, names)
+        self.assertIn(serverAuth, trust_oids)
 
     @unittest.skipUnless(sys.platform == "win32", "Windows specific")
     def test_enum_crls(self):