Christian Heimes added the comment:

Good work! I completely forgot that the SSL object holds the last verification 
error in its struct. This allows the ssl module to print some information when 
cert verification fails. It's still not perfect, because it is missing 
information about the the failing certificate. It's much better than no reason 
at all.

I took your patch and simplified it a bit. I removed the sub reason attribute, 
too. We can add it later and use an enum.IntEnum instead of the old hack.

ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate 
verify failed: unable to get local issuer certificate (_ssl.c:766)

Added file:

Python tracker <>
Python-bugs-list mailing list

Reply via email to