bad certificate error

Nick Craig-Wood nick at craig-wood.com
Tue Jul 28 03:29:56 EDT 2009 

jakecjacobson <jakecjacobson at gmail.com> wrote:
>  I am getting the following error when doing a post to REST API,
> 
>  Enter PEM pass phrase:
>  Traceback (most recent call last):
>    File "./ices_catalog_feeder.py", line 193, in ?
>      main(sys.argv[1])
>    File "./ices_catalog_feeder.py", line 60, in main
>      post2Catalog(catalog_host, catalog_port, catalog_path, os.path.join
>  (input_dir, file), collection_name, key_file, cert_file)
>    File "./ices_catalog_feeder.py", line 125, in post2Catalog
>      connection.request('POST', path, parameters, head)
>    File "/usr/lib/python2.4/httplib.py", line 810, in request
>      self._send_request(method, url, body, headers)
>    File "/usr/lib/python2.4/httplib.py", line 833, in _send_request
>      self.endheaders()
>    File "/usr/lib/python2.4/httplib.py", line 804, in endheaders
>      self._send_output()
>    File "/usr/lib/python2.4/httplib.py", line 685, in _send_output
>      self.send(msg)
>    File "/usr/lib/python2.4/httplib.py", line 652, in send
>      self.connect()
>    File "/usr/lib/python2.4/httplib.py", line 1079, in connect
>      ssl = socket.ssl(sock, self.key_file, self.cert_file)
>    File "/usr/lib/python2.4/socket.py", line 74, in ssl
>      return _realssl(sock, keyfile, certfile)
>  socket.sslerror: (1, 'error:14094412:SSL
>  routines:SSL3_READ_BYTES:sslv3 alert bad certificate')
> 
> 
>  My code where this error occurs is:
> 
>  head = {"Content-Type" : "application/x-www-form-urlencoded",
>  "Accept" : "text/plain"}
>  parameters = urlencode({"collection" : collection, "entryxml" : open
>  (file,'r').read()})
>  print "Sending the file to: " + host
> 
>  try:
>  	try:
>  		# Default port is 443.
>  		# key_file is the name of a PEM formatted file that contains your
>  private key.
>  		# cert_file is a PEM formatted certificate chain file.
>  		connection = httplib.HTTPSConnection(host, int(port), key_file,
>  cert_file)
>  		connection.request('POST', path, parameters, head)
>  		response = connection.getresponse()
>  		print response.status, response.reason
>  	except httplib.error, (value,message):
>  		print value + ':' + message
>  finally:
>  	connection.close()
> 
>  I was wondering if this is due to the server having a invalid server
>  cert?

I'd say judging from the traceback you messed up key_file or cert_file
somehow.

Try using the openssl binary on them (read the man page to see how!)
to check them out.

>  If I go to this server in my browser, I get a "This server tried to
>  identify itself with invalid information".  Is there a way to
>  ignore this issue with Python?  Can I setup a trust store and add
>  this server to the trust store?

Invalid how?  Self signed certificate? Domain mismatch? Expired certificate?

-- 
Nick Craig-Wood <nick at craig-wood.com> -- http://www.craig-wood.com/nick

More information about the Python-list mailing list