bad certificate error
Steven D'Aprano
steve at REMOVE-THIS-cybersource.com.au
Mon Jul 27 19:00:27 EDT 2009
On Mon, 27 Jul 2009 15:23:41 -0300, Gabriel Genellina wrote:
> En Mon, 27 Jul 2009 12:57:40 -0300, jakecjacobson
> <jakecjacobson at gmail.com> escribió:
>
>> I was wondering if this is due to the server having a invalid server
>> cert? If I go to this server in my browser, I get a "This server tried
>> to identify itself with invalid information". Is there a way to ignore
>> this issue with Python? Can I setup a trust store and add this server
>> to the trust store?
>
> I don't see the point in trusting someone that you know is telling lies
> about itself.
Don't you? It's just commonsense risk assessment.
It's far more likely that the server has an incorrectly setup certificate
managed by an incompetent sys admin than it is that somebody is eaves-
dropping on my connection to https://somerandom.site.com/something-trivial
Particularly when the connection is on my own intranet and I know the sys
admin in question has made a mistake and the new certificate is scheduled
to be installed "some time next week". *wink*
Of course, if there was sensitive information involved, or money, then
I'd be more concerned.
--
Steven
More information about the Python-list
mailing list