Inconsistent return types between SSLSocket and SSLObject certificate chain APIs

[sethmlarson]

Bug report

Bug description:

The get_verified_chain() and get_unverified_chain() APIs for SSLSocket were updated in #109113, but the API wasn't updated for SSLObject. This leads to inconsistent return types, one returns _ssl.Certificate and the other returns bytes. It appears from #109113 that bytes is what's expected.

This caused an issue for Windows and macOS using Truststore which relies on these APIs for verifying certificates. A bugfix is coming for Truststore, but these APIs should return the same type.

cc @matiuszka

CPython versions tested on:

3.13, CPython main branch

Operating systems tested on:

Linux, Windows

Linked PRs

• gh-118658: Return consistent types from get_un/verified_chain in SSLObject and SSLSocket #118669
• [3.13] gh-118658: Return consistent types from get_un/verified_chain in SSLObject and SSLSocket (GH-118669) #123082
• gh-118658: Modify cert generation script to extract cert3.pem #124598
• gh-118658: Modify cert generation script to extract cert3.pem #124599
• [3.13] gh-118658: Modify cert generation script to extract cert3.pem (GH-124598) #124972

[matiuszka]

Good catch. I overlooked this. I will fix it ASAP.

[matiuszka]

I fixed the types, sorry for the problems.