Hi,


I'm using Python 3.X (3.5 on Windows 2008 and 3.4 on CentOS 6.7) and 
encountered an SSL client side CA certificates issue. The issue came up when a 
third-party package (django-cas-ng) tried to verify the CAS service ticket (ST) 
by calling CAS server using requests.get(...) and failed with 
CERTIFICATE_VERIFY_FAILED error. The CAS server is accessed by HTTPS with a 
self-signed server certificate. Following some suggestions on the internet, 
I've tried to modify django-cas-ng's code to call requests.get(..) with verify 
parameter, such as requests.get(..., verify=False) and requests.get(..., 
verify="CAS server cert"). Both workarounds worked, but I can't change 
third-party package code. I also tried to add the CAS server cert to the 
underlying OS (Windows 2008 and CentOS 6.7), but it did not help.



My question is where does SSL client code get the trusted CA certificates from, 
from Python or the underlying OS? What configuration do I need in order for the 
SSL client to conduct the SSL handshake successfully?



Appreciate any help!



Gang



Gang Yang

Shonborn-Becker Systems Inc. (SBSI)
Contractor Engineering Supporting SEC
Office: 732-982-8561, x427

Cell: 732-788-7501<tel:732-740-4656>
Email: gang.yang....@mail.mil<mailto:gang.yang....@mail.mil>
-- 
https://mail.python.org/mailman/listinfo/python-list

Reply via email to