[Chicago] Is pypi.python.org really running with a self-signed cert?

William E. S. Clemens wesclemens at gmail.com
Fri Mar 6 20:39:44 CET 2015 

Are you behind a proxy? I was able to curl the file without issue.

--
William Clemens
Phone: 847.485.9455
E-mail: wesclemens at gmail.com

On Thu, Mar 5, 2015 at 9:58 PM, Adam Bain <bainada.iit at gmail.com> wrote:

> Definitely not self-signed, on my browser its signed by DigiCert. SHA256
> fingerprint beginning with 9f249e91. Not really sure whats causing your
> error, do you maybe need to tell curl about which root certs to trust?
>
>
> On Thu, Mar 5, 2015, 9:16 PM Robare, Phillip (Randstant) <
> proba at allstate.com> wrote:
>
>> I was trying to get my environment set up on a new work computer (Cygwin
>> with cygwin's python 2.7 under Windows) so I downloaded and ran
>> ez_setup.py.  It errored on a line where it calls curl to download
>> setuptools.  I pulled the line out and ran it from the command line without
>> the -silent parameter.
>>
>> $ curl https://pypi.python.org/packages/source/s/setuptools/
>> setuptools-12.3.zip
>>   % Total    % Received % Xferd  Average Speed   Time    Time     Time
>> Current
>>                                  Dload  Upload   Total   Spent    Left
>> Speed
>>   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--
>>    0
>> curl: (60) SSL certificate problem: unable to get local issuer certificate
>> More details here: http://curl.haxx.se/docs/sslcerts.html
>>
>> curl performs SSL certificate verification by default, using a "bundle"
>>  of Certificate Authority (CA) public keys (CA certs). If the default
>>  bundle file isn't adequate, you can specify an alternate file
>>  using the --cacert option.
>> If this HTTPS server uses a certificate signed by a CA represented in
>>  the bundle, the certificate verification probably failed due to a
>>  problem with the certificate (it might be expired, or the name might
>>  not match the domain name in the URL).
>> If you'd like to turn off curl's verification of the certificate, use
>>  the -k (or --insecure) option.
>>
>> Some weirdness with Cygwin?  So I tried it with insecure mode.
>>
>> $ curl --insecure https://pypi.python.org/packages/source/s/setuptools/
>> setuptools-12.3.zip
>>   % Total    % Received % Xferd  Average Speed   Time    Time     Time
>> Current
>>                                  Dload  Upload   Total   Spent    Left
>> Speed
>>   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--
>>    0
>> curl: (56) SSL read: error:00000000:lib(0):func(0):reason(0), errno 104
>>
>> Not much more enlightening.  So I tried wget.
>>
>> $ wget https://pypi.python.org/packages/source/s/setuptools/
>> setuptools-12.3.zip --2015-03-05 16:17:06--  https://pypi.python.org/
>> packages/source/s/setuptools/setuptools-12.3.zip
>> Resolving pypi.python.org (pypi.python.org)... 23.235.40.223
>> Connecting to pypi.python.org (pypi.python.org)|23.235.40.223|:443...
>> connected.
>> ERROR: The certificate of 'pypi.python.org' is not trusted.
>> ERROR: The certificate of 'pypi.python.org' hasn't got a known issuer.
>>
>> Does anyone else have a problem with pypi's certificate?  Or a
>> work-around for getting ez_install to run?
>>
>> Thanks,
>>
>> Phil Robare
>>
>> _______________________________________________
>> Chicago mailing list
>> Chicago at python.org
>> https://mail.python.org/mailman/listinfo/chicago
>>
>
> _______________________________________________
> Chicago mailing list
> Chicago at python.org
> https://mail.python.org/mailman/listinfo/chicago
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/chicago/attachments/20150306/dec9fcba/attachment.html>

More information about the Chicago mailing list