I am away on a consulting gig, so I really only have my laptop to test on.
Python 2.7.8 (default, Nov 18 2014, 14:57:17)
debian version jessie/sid
SSL test, with OpenSSL version OpenSSL 1.0.1j 15 Oct 2014.
Connection to "verisign.com" failed: [SSL: CERTIFICATE_VERIFY_FAILED]
certificate verify fa
On 2/17/2015 3:42 PM, Laura Creighton wrote:
> Possibly this bug?
> https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1014640
>
> Laura
Probably that bug in OpenSSL. Some versions of OpenSSL are
known to be broken for cases where there multiple valid certificate
trees.
Python ships wit
Possibly this bug?
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1014640
Laura
--
https://mail.python.org/mailman/listinfo/python-list
If I remove certs from my "cacert.pem" file passed to
create_default_context, the Python test program rejects domains
it will pass with the certs present. It's using that file.
So that's not it. It seems to be an OpenSSL or cert file
problem. I can reproduce the problem with the OpenSSL
I've seen something like this:
The requests module http://docs.python-requests.org/en/latest/
ships with its own set of certificates "cacert.pem"
and ignores the system wide ones -- so, for instance, adding certificates
to /etc/ssl/certs on your debian or ubuntu system won't work. I edited
it by
Python 2.7.9, Windows 7 x64.
(also 3.4.2 on Win7, and 3.4.0 on Ubuntu 14.04)
There's something about the SSL cert for "https://www.verisign.com";
that won't verify properly from Python.The current code looks
like this:
def testurlopen(host, certfile) :
port = httplib.HTTPS_PORT
sk
