nabla-c0d3 / sslyze

Fast and powerful SSL/TLS scanning library.

ssl.match_hostname() is deprecated

igor-mendix opened this issue

ssl.match_hostname() function used here:

match_hostname(certificate_names, server_hostname) # type: ignore

is deprecated since Python 3.7, and is already absent in 3.12.

commented

Is there any easy workaround for this? This is a problem running sslyze 5.2.0 on the latest Debian stable (12 aka Bookworm).

    from sslyze.plugins.certificate_info._cert_chain_analyzer import (
  File "/usr/lib/python3.12/site-packages/sslyze/plugins/certificate_info/_cert_chain_analyzer.py", line 3, in <module>
    from ssl import CertificateError, match_hostname
ImportError: cannot import name 'match_hostname' from 'ssl' (/usr/lib/python3.12/ssl.py)

sslyze fails to start with python3_12. Please fix.

A potential "quick" workaround is to use "https://pypi.org/project/backports.ssl_match_hostname/", but I'm not sure.
And it's like going backwards.

There was the same issue in another project, and I'd say there is a good solution: aiortc/aioquic#368

tl;dr

  • urllib3 has a port of match_hostname (simple to incorporate)
  • service-identity is a different implementation but seems to be a more proper solution (a bit more complex to incorporate)
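
As an added example (not part of the thread, and not sslyze's fix, urllib3's port or service-identity's code), here is a standard-library-only hostname check that runs on Python 3.12, showing what a replacement for the removed function has to decide. The names `verify_hostname`, `dns_matches`, `HostnameMismatch` and the sample certificate are assumptions made for illustration; it checks subjectAltName only and ignores commonName.

```python
import ipaddress


class HostnameMismatch(ValueError):
    """Raised when no subjectAltName entry matches the expected host."""


def dns_matches(pattern: str, hostname: str) -> bool:
    # Compare label by label, case-insensitively, ignoring a trailing dot.
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels) or "" in h_labels:
        return False
    first, rest = p_labels[0], p_labels[1:]
    if "*" in "".join(rest):
        return False  # a wildcard is accepted only in the left-most label
    if first == "*":
        # "*" stands for exactly one whole label, and the pattern needs at
        # least two further labels so that "*.com" never matches.
        return len(rest) >= 2 and rest == h_labels[1:]
    if "*" in first:
        return False  # partial wildcards such as "w*.example.com" are refused
    return p_labels == h_labels


def verify_hostname(cert: dict, hostname: str) -> None:
    """Check hostname against the subjectAltName of a getpeercert()-style dict."""
    sans = cert.get("subjectAltName", ())
    try:
        host_ip = ipaddress.ip_address(hostname)
    except ValueError:
        host_ip = None
    for kind, value in sans:
        if host_ip is not None:
            # IP literals match only "IP Address" entries, never DNS names.
            if kind == "IP Address" and ipaddress.ip_address(value) == host_ip:
                return
        elif kind == "DNS" and dns_matches(value, hostname):
            return
    raise HostnameMismatch(f"{hostname!r} does not match any of {sans!r}")


# Constructed sample in the dict shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("commonName", "legacy.example.net"),),),
    "subjectAltName": (("DNS", "example.com"), ("DNS", "*.example.com"),
                       ("IP Address", "192.0.2.10")),
}
```

With the constructed certificate, `www.example.com` is accepted through the wildcard entry, while `a.b.example.com` and the commonName-only `legacy.example.net` are rejected.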

This might get solved by #638

Fixed in v6.0.0.