Message 276567 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	Matt Wright
Recipients	Matt Wright, christian.heimes
Date	2016-09-15.15:47:27
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1473954447.18.0.714530872587.issue28170@psf.upfronthosting.co.za>
In-reply-to

Content
I'm experiencing a strange error when connecting to a web server with a self signed certificate. I've added the Root and Intermediate certs to the system CA bundle, and can `curl` against the server without any errors or using the `k` flag. But Python (via requests) raises an error that I can't seem to figure out at all with the `peer_certificate` method. Below you'll find the specific error: ``` import requests requests.get('https://localhost:9200/_cluster/health', verify='/etc/ssl/certs/ca-certificates.crt') Traceback (most recent call last): File "test.py", line 2, in <module> requests.get('https://localhost:9200/_cluster/health', verify='/etc/ssl/certs/ca-certificates.crt') File "/usr/lib/python3/dist-packages/requests/api.py", line 67, in get return request('get', url, params=params, kwargs) File "/usr/lib/python3/dist-packages/requests/api.py", line 53, in request return session.request(method=method, url=url, kwargs) File "/usr/lib/python3/dist-packages/requests/sessions.py", line 468, in request resp = self.send(prep, send_kwargs) File "/usr/lib/python3/dist-packages/requests/sessions.py", line 576, in send r = adapter.send(request, kwargs) File "/usr/lib/python3/dist-packages/requests/adapters.py", line 376, in send timeout=timeout File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 560, in urlopen body=body, headers=headers) File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 346, in _make_request self._validate_conn(conn) File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 787, in _validate_conn conn.connect() File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 259, in connect cert = self.sock.getpeercert() File "/usr/lib/python3.5/ssl.py", line 818, in getpeercert return self._sslobj.getpeercert(binary_form) File "/usr/lib/python3.5/ssl.py", line 595, in getpeercert return self._sslobj.peer_certificate(binary_form) SystemError: <built-in method peer_certificate of _ssl._SSLSocket object at 0x7f98ac154858> returned NULL without setting an error ```

I'm experiencing a strange error when connecting to a web server with a self signed certificate. I've added the Root and Intermediate certs to the system CA bundle, and can `curl` against the server without any errors or using the `k` flag. But Python (via requests) raises an error that I can't seem to figure out at all with the `peer_certificate` method. Below you'll find the specific error:

```
import requests
requests.get('https://localhost:9200/_cluster/health', verify='/etc/ssl/certs/ca-certificates.crt')
Traceback (most recent call last):
  File "test.py", line 2, in <module>
    requests.get('https://localhost:9200/_cluster/health', verify='/etc/ssl/certs/ca-certificates.crt')
  File "/usr/lib/python3/dist-packages/requests/api.py", line 67, in get
    return request('get', url, params=params, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/api.py", line 53, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 468, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 576, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/adapters.py", line 376, in send
    timeout=timeout
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 560, in urlopen
    body=body, headers=headers)
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 346, in _make_request
    self._validate_conn(conn)
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 787, in _validate_conn
    conn.connect()
  File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 259, in connect
    cert = self.sock.getpeercert()
  File "/usr/lib/python3.5/ssl.py", line 818, in getpeercert
    return self._sslobj.getpeercert(binary_form)
  File "/usr/lib/python3.5/ssl.py", line 595, in getpeercert
    return self._sslobj.peer_certificate(binary_form)
SystemError: <built-in method peer_certificate of _ssl._SSLSocket object at 0x7f98ac154858> returned NULL without setting an error
```

History
Date	User	Action	Args
2016-09-15 15:47:27	Matt Wright	set	recipients: + Matt Wright, christian.heimes
2016-09-15 15:47:27	Matt Wright	set	messageid: <1473954447.18.0.714530872587.issue28170@psf.upfronthosting.co.za>
2016-09-15 15:47:27	Matt Wright	link	issue28170 messages
2016-09-15 15:47:27	Matt Wright	create