>>>>> jakecjacobson <[email protected]> (j) wrote:
>j> On Jul 28, 9:48 am, Jean-Paul Calderone <[email protected]> wrote: >>> On Tue, 28 Jul 2009 03:35:55 -0700 (PDT), jakecjacobson >>> <[email protected]> wrote: >>> > [snip] >>> >>> >"Invalid how? Self signed certificate? Domain mismatch? Expired >>> >certificate?" It is a server name mismatch. >>> >>> Python 2.4 is not capable of allowing you to customize this verification >>> behavior. It is hard coded to let OpenSSL make the decision about whether >>> to accept the certificate or not. >>> >>> Either M2Crypto or pyOpenSSL will let you ignore verification errors. The >>> new ssl module in Python 2.6 may also as well. >>> >>> Jean-Paul >j> Thanks, I will look into these suggestions. >j> # cert_file is a PEM formatted certificate chain file. >j> connection = httplib.HTTPSConnection(host, int(port), key_file, >j> cert_file) What happens if you set cert_file to None? This would indicate that you are not interested in the server's certificate. By the way, is the cert_file you supply the certificate of the CA that signed the server's cert (in contrast to yours)? -- Piet van Oostrum <[email protected]> URL: http://pietvanoostrum.com [PGP 8DAE142BE17999C4] Private email: [email protected] -- http://mail.python.org/mailman/listinfo/python-list
