This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author icordasc
Recipients Lukasa, alex, christian.heimes, demian.brecht, dstufft, giampaolo.rodola, icordasc, janssen, lac, nagle, pitrou
Date 2015-02-24.16:15:54
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1424794554.47.0.109338844376.issue23476@psf.upfronthosting.co.za>
In-reply-to
Content 
So requests is running into this issue as well (see: https://github.com/kennethreitz/requests/issues/2455, https://github.com/kennethreitz/requests/issues/2456). With the specific code in Cory Benfield's comment (see: https://github.com/kennethreitz/requests/issues/2455#issuecomment-75773677) and the certificate file that requests 2.5.2 used (see: https://github.com/kennethreitz/requests/blob/d8be2473d1a586a3673d728d49e10fd4286e3b0e/requests/cacert.pem, raw: https://raw.githubusercontent.com/kennethreitz/requests/d8be2473d1a586a3673d728d49e10fd4286e3b0e/requests/cacert.pem) we can reproduce a similar problem on all versions of Python.

At the moment, we're investigating the possibility that it has to do with cross-signed certificates (see: http://openssl.6102.n7.nabble.com/Problems-with-cross-signed-certificates-and-Authority-Key-Info-td52280.html). We have a number of servers that we can reproduce this against and it is not reproducible using openssl s_client which means it is an issue with how Python has written its openssl compatibility layer.
History
Date User Action Args
2015-02-24 16:15:54icordascsetrecipients: + icordasc, janssen, nagle, pitrou, giampaolo.rodola, christian.heimes, alex, dstufft, demian.brecht, Lukasa, lac
2015-02-24 16:15:54icordascsetmessageid: <1424794554.47.0.109338844376.issue23476@psf.upfronthosting.co.za>
2015-02-24 16:15:54icordasclinkissue23476 messages
2015-02-24 16:15:54icordasccreate