Message343785
Loading cadata in PEM format results in a nested asn1 error. Workaround is to convert cadata to unicode.
Minimum code for reproducing the issue:
>>>import ssl
>>> with open('ca.crt') as f:
... ca_crt = f.read()
...
>>> c = ssl.create_default_context()
>>> c.load_verify_locations(cadata=ca_crt)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ssl.SSLError: nested asn1 error (_ssl.c:2902)
With workaround to make it work:
>>>import ssl
>>> with open('ca.crt') as f:
... ca_crt = f.read()
...
>>> c = ssl.create_default_context()
>>> c.load_verify_locations(cadata=unicode(ca_crt))
The issue is annoying as the documentation explicitly states cadata to be "either an ASCII string of one or more PEM-encoded certificates...". Furthermore the unicode function is not present in Python 3.x, making the workaround version-dependent. |
|
Date |
User |
Action |
Args |
2019-05-28 14:36:04 | Jizhou Yang | set | recipients:
+ Jizhou Yang, christian.heimes |
2019-05-28 14:36:04 | Jizhou Yang | set | messageid: <1559054164.15.0.615290495729.issue37079@roundup.psfhosted.org> |
2019-05-28 14:36:04 | Jizhou Yang | link | issue37079 messages |
2019-05-28 14:36:04 | Jizhou Yang | create | |
|