bad certificate error
Piet van Oostrum
piet at cs.uu.nl
Tue Jul 28 15:44:05 EDT 2009
>>>>> jakecjacobson <jakecjacobson at gmail.com> (j) wrote:
>j> On Jul 28, 9:48 am, Jean-Paul Calderone <exar... at divmod.com> wrote:
>>> On Tue, 28 Jul 2009 03:35:55 -0700 (PDT), jakecjacobson <jakecjacob... at gmail.com> wrote:
>>> > [snip]
>>>
>>> >"Invalid how? Self signed certificate? Domain mismatch? Expired
>>> >certificate?" It is a server name mismatch.
>>>
>>> Python 2.4 is not capable of allowing you to customize this verification
>>> behavior. It is hard coded to let OpenSSL make the decision about whether
>>> to accept the certificate or not.
>>>
>>> Either M2Crypto or pyOpenSSL will let you ignore verification errors. The
>>> new ssl module in Python 2.6 may also as well.
>>>
>>> Jean-Paul
>j> Thanks, I will look into these suggestions.
>j> # cert_file is a PEM formatted certificate chain file.
>j> connection = httplib.HTTPSConnection(host, int(port), key_file,
>j> cert_file)
What happens if you set cert_file to None? This would indicate that you
are not interested in the server's certificate.
By the way, is the cert_file you supply the certificate of the CA that
signed the server's cert (in contrast to yours)?
--
Piet van Oostrum <piet at cs.uu.nl>
URL: http://pietvanoostrum.com [PGP 8DAE142BE17999C4]
Private email: piet at vanoostrum.org
More information about the Python-list
mailing list