bad certificate error

jakecjacobson jakecjacobson at gmail.com
Mon Jul 27 17:57:40 CEST 2009


Hi,

I am getting the following error when doing a post to REST API,

Enter PEM pass phrase:
Traceback (most recent call last):
  File "./ices_catalog_feeder.py", line 193, in ?
    main(sys.argv[1])
  File "./ices_catalog_feeder.py", line 60, in main
    post2Catalog(catalog_host, catalog_port, catalog_path, os.path.join
(input_dir, file), collection_name, key_file, cert_file)
  File "./ices_catalog_feeder.py", line 125, in post2Catalog
    connection.request('POST', path, parameters, head)
  File "/usr/lib/python2.4/httplib.py", line 810, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.4/httplib.py", line 833, in _send_request
    self.endheaders()
  File "/usr/lib/python2.4/httplib.py", line 804, in endheaders
    self._send_output()
  File "/usr/lib/python2.4/httplib.py", line 685, in _send_output
    self.send(msg)
  File "/usr/lib/python2.4/httplib.py", line 652, in send
    self.connect()
  File "/usr/lib/python2.4/httplib.py", line 1079, in connect
    ssl = socket.ssl(sock, self.key_file, self.cert_file)
  File "/usr/lib/python2.4/socket.py", line 74, in ssl
    return _realssl(sock, keyfile, certfile)
socket.sslerror: (1, 'error:14094412:SSL
routines:SSL3_READ_BYTES:sslv3 alert bad certificate')


My code where this error occurs is:

head = {"Content-Type" : "application/x-www-form-urlencoded",
"Accept" : "text/plain"}
parameters = urlencode({"collection" : collection, "entryxml" : open
(file,'r').read()})
print "Sending the file to: " + host

try:
	try:
		# Default port is 443.
		# key_file is the name of a PEM formatted file that contains your
private key.
		# cert_file is a PEM formatted certificate chain file.
		connection = httplib.HTTPSConnection(host, int(port), key_file,
cert_file)
		connection.request('POST', path, parameters, head)
		response = connection.getresponse()
		print response.status, response.reason
	except httplib.error, (value,message):
		print value + ':' + message
finally:
	connection.close()

I was wondering if this is due to the server having a invalid server
cert?  If I go to this server in my browser, I get a "This server
tried to identify itself with invalid information".  Is there a way to
ignore this issue with Python?  Can I setup a trust store and add this
server to the trust store?



More information about the Python-list mailing list