Author vstinner
Recipients pitrou, vstinner
Date 2014-03-12.11:20:39
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1394623240.06.0.245086264312.issue20896@psf.upfronthosting.co.za>
In-reply-to
Content
======================================================================
ERROR: test_get_server_certificate (test.test_ssl.NetworkedTests)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/haypo/prog/python/default/Lib/test/test_ssl.py", line 1373, in test_get_server_certificate
    _test_get_server_certificate('svn.python.org', 443, SVN_PYTHON_ORG_ROOT_CERT)
  File "/home/haypo/prog/python/default/Lib/test/test_ssl.py", line 1354, in _test_get_server_certificate
    pem = ssl.get_server_certificate((host, port))
  File "/home/haypo/prog/python/default/Lib/ssl.py", line 902, in get_server_certificate
    with context.wrap_socket(sock) as sslsock:
  File "/home/haypo/prog/python/default/Lib/ssl.py", line 344, in wrap_socket
    _context=self)
  File "/home/haypo/prog/python/default/Lib/ssl.py", line 540, in __init__
    self.do_handshake()
  File "/home/haypo/prog/python/default/Lib/ssl.py", line 767, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:598)

----------------------------------------------------------------------

Extract of the current CA cert of svn.python.org:
---
$ openssl x509 -in Lib/test/https_svn_python_org_root.pem -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
    Signature Algorithm: md5WithRSAEncryption
        Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org
        Validity
            Not Before: Mar 30 12:29:49 2003 GMT
            Not After : Mar 29 12:29:49 2033 GMT
        Subject: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org
...
---

Lib/test/https_svn_python_org_root.pem is identical to http://www.cacert.org/certs/root.crt: root certificate of cacert.org authority.
History
Date User Action Args
2014-03-12 11:20:40vstinnersetrecipients: + vstinner, pitrou
2014-03-12 11:20:40vstinnersetmessageid: <1394623240.06.0.245086264312.issue20896@psf.upfronthosting.co.za>
2014-03-12 11:20:39vstinnerlinkissue20896 messages
2014-03-12 11:20:39vstinnercreate