Did some more research and found this as the culprit:

in Lib/ssl.py

#############################
...
def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
...
    return DER_cert_to_PEM_cert(dercert)

def DER_cert_to_PEM_cert(der_cert_bytes):

    """Takes a certificate in binary DER format and returns the
    PEM version of it as a string."""

    if hasattr(base64, 'standard_b64encode'):
        # preferred because older API gets line-length wrong
        f = base64.standard_b64encode(der_cert_bytes)
        return (PEM_HEADER + '\n' +
                textwrap.fill(f, 64) +
                PEM_FOOTER + '\n')
    else:
        return (PEM_HEADER + '\n' +
                base64.encodestring(der_cert_bytes) +
                PEM_FOOTER + '\n')

############################

Notice no '\n' before the PEM_FOOTER