On 2015-07-24 14:09, Christopher Larson wrote:
On Fri, Jul 24, 2015 at 12:49 PM, Gary Thomas <g...@mlbassoc.com <mailto:g...@mlbassoc.com>> wrote: On 2015-07-24 13:30, Aníbal Limón wrote: Hi Gary, What version of python do you use?. Since 2.7.9 cert checking is enabled by default causing this kind of errors. [1] [1] https://www.python.org/dev/peps/pep-0476/ Kind regards, alimon I'm using the stock python 2.7.9 from Poky/Yocto master:901be2cb69892595443ed41ab4be285932db15eb Is there an answer for this that's a bit less intrusive? Perhaps there could be a DISTRO or even IMAGE feature to enable/disable this checking? The pep you referenced mostly talks about why this was changed and how to disable it - manually within the python code itself. What I don't see is where/how/what to change/import to actually let the full certificate checking happen. I think the better bet is to fix it so it actually finds the certs from ca-certificates rather than bypassing certificate checking, personally, but I can see how that would be a useful workaround. :)
I tried this same code on my Ubuntu 15.04 desktop and it looks like they've disabled it in the main python http[s] code - there were no certificates examined during the transaction as far as I could tell (strace is my friend) I'll see if I can figure out how to stitch this together with our [Poky/Yocto/OE-core] setup for OpenSSL and ca-certificates. -- ------------------------------------------------------------ Gary Thomas | Consulting for the MLB Associates | Embedded world ------------------------------------------------------------ -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
