lkraav <l...@kraav.com> added the comment:
> I need more information to diagnose the issue. Could you please provide: > - your operating system and vendor/distribution Gentoo, so rolling, but 20 years of maintenance experience. > - your OpenSSL version (ssl.OPENSSL_VERSION) $ python Python 3.9.9 (main, Dec 21 2021, 17:21:49) [GCC 10.3.0] on linux Type "help", "copyright", "credits" or "license" for more information. @>>> import ssl @>>> print(ssl.OPENSSL_VERSION) OpenSSL 1.1.1l 24 Aug 2021 > - how did you install Python (self-compiled, pyenv, system Python)? System Python. On Gentoo, features configuration revolve around USE flags, but I don't have anything curious built with "gdbm ncurses readline sqlite ssl xml" being active: $ eix dev-lang/python$ [U] dev-lang/python Available versions: ... (3.9) 3.9.9^t{xpak} ... {berkdb bluetooth build examples gdbm hardened libedit lto +ncurses pgo +readline +sqlite +ssl test tk verify-sig wininst +xml ELIBC="uclibc"} Installed versions: 3.9.9(3.9)^t{xpak}(17:22:24 21.12.2021)(gdbm ncurses readline sqlite ssl xml -bluetooth -build -examples -hardened -lto -pgo -test -tk -verify-sig -wininst) Homepage: https://www.python.org/ Description: An interpreted, interactive, object-oriented programming language > - how did you install PyOpenSSL and cryptography? Regular system package manager install $ eix pyopenssl [I] dev-python/pyopenssl Available versions: 20.0.1^t{xpak} {doc test PYTHON_TARGETS="pypy3 python3_8 python3_9 python3_10"} Installed versions: 20.0.1^t{xpak}(11:43:07 03.06.2021)(-doc -test PYTHON_TARGETS="python3_9 -pypy3 -python3_8 -python3_10") Homepage: https://www.pyopenssl.org/ https://pypi.org/project/pyOpenSSL/ https://github.com/pyca/pyopenssl/ Description: Python interface to the OpenSSL library $ eix cryptography [I] dev-python/cryptography Available versions: 3.4.7-r2^t{xpak} **36.0.0^t {debug test PYTHON_TARGETS="pypy3 python3_8 python3_9 python3_10"} Installed versions: 3.4.7-r2^t{xpak}(16:35:10 21.12.2021)(-test PYTHON_TARGETS="python3_9 -pypy3 -python3_8 -python3_10") Homepage: https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/ Description: Library providing cryptographic recipes and primitives > - the full output of: openssl s_client -connect webapi.remote:52100 $ openssl s_client -connect webapi.remote:52100 CONNECTED(00000003) depth=0 CN = webapi.remote verify error:num=18:self signed certificate verify return:1 depth=0 CN = webapi.remote verify return:1 --- Certificate chain 0 s:CN = webapi.remote i:CN = webapi.remote --- Server certificate -----BEGIN CERTIFICATE----- <cut> -----END CERTIFICATE----- subject=CN = webapi.remote issuer=CN = webapi.remote --- No client certificate CA names sent Peer signing digest: SHA1 Peer signature type: RSA Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 1254 bytes and written 502 bytes Verification error: self signed certificate --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-SHA384 Session-ID: 27060000127E5AA837E96D63F5DE532C53FAD1D5C034CBF3D305B7978E9636A0 Session-ID-ctx: Master-Key: FAE8DE30BF627E7F02F8B4AA856075675FAF3A92365A1E9E8041F799E29CE809749B35514065255C62F0D449405C02B8 PSK identity: None PSK identity hint: None SRP username: None Start Time: 1640346190 Timeout : 7200 (sec) Verify return code: 18 (self signed certificate) Extended master secret: yes --- DONE ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue46156> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com