Message274542
This fails:
Python 3.5.2 (default, Jun 28 2016, 08:46:01)
[GCC 6.1.1 20160602] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import ssl
>>> import socket
>>> s = socket.socket()
>>> c = ssl.create_default_context(cafile='COMODORSADomainValidationSecureServerCA.crt')
>>> s = c.wrap_socket(s, server_hostname='miaosss.top')
>>> s.connect(('miaosss.top', 443))
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.5/ssl.py", line 1019, in connect
self._real_connect(addr, False)
File "/usr/lib/python3.5/ssl.py", line 1010, in _real_connect
self.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 988, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 633, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
But openssl can succeed:
openssl s_client -connect miaosss.top:443 -CAfile COMODORSADomainValidationSecureServerCA.crt -servername miaosss.top
endswith "Verify return code: 0 (ok)"
Firefox and SSLlabs (https://www.ssllabs.com/ssltest/analyze.html?d=miaosss.top) both show it's trusted. |
|
Date |
User |
Action |
Args |
2016-09-06 08:52:17 | lilydjwg | set | recipients:
+ lilydjwg |
2016-09-06 08:52:17 | lilydjwg | set | messageid: <1473151937.46.0.395458552575.issue27970@psf.upfronthosting.co.za> |
2016-09-06 08:52:17 | lilydjwg | link | issue27970 messages |
2016-09-06 08:52:17 | lilydjwg | create | |
|