[issue20896] test_ssl.test_get_server_certificate() is failing: CA cert of svn.python.org changed?
STINNER Victor
report at bugs.python.org
Wed Mar 12 12:20:40 CET 2014
New submission from STINNER Victor:
======================================================================
ERROR: test_get_server_certificate (test.test_ssl.NetworkedTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/haypo/prog/python/default/Lib/test/test_ssl.py", line 1373, in test_get_server_certificate
_test_get_server_certificate('svn.python.org', 443, SVN_PYTHON_ORG_ROOT_CERT)
File "/home/haypo/prog/python/default/Lib/test/test_ssl.py", line 1354, in _test_get_server_certificate
pem = ssl.get_server_certificate((host, port))
File "/home/haypo/prog/python/default/Lib/ssl.py", line 902, in get_server_certificate
with context.wrap_socket(sock) as sslsock:
File "/home/haypo/prog/python/default/Lib/ssl.py", line 344, in wrap_socket
_context=self)
File "/home/haypo/prog/python/default/Lib/ssl.py", line 540, in __init__
self.do_handshake()
File "/home/haypo/prog/python/default/Lib/ssl.py", line 767, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:598)
----------------------------------------------------------------------
Extract of the current CA cert of svn.python.org:
---
$ openssl x509 -in Lib/test/https_svn_python_org_root.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support at cacert.org
Validity
Not Before: Mar 30 12:29:49 2003 GMT
Not After : Mar 29 12:29:49 2033 GMT
Subject: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support at cacert.org
...
---
Lib/test/https_svn_python_org_root.pem is identical to http://www.cacert.org/certs/root.crt: root certificate of cacert.org authority.
----------
messages: 213248
nosy: haypo, pitrou
priority: normal
severity: normal
status: open
title: test_ssl.test_get_server_certificate() is failing: CA cert of svn.python.org changed?
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20896>
_______________________________________
More information about the Python-bugs-list
mailing list