bad certificate error

Piet van Oostrum piet at
Tue Jul 28 15:44:05 EDT 2009

>>>>> jakecjacobson <jakecjacobson at> (j) wrote:

>j> On Jul 28, 9:48 am, Jean-Paul Calderone <exar... at> wrote:
>>> On Tue, 28 Jul 2009 03:35:55 -0700 (PDT), jakecjacobson <jakecjacob... at> wrote:
>>> > [snip]
>>> >"Invalid how?  Self signed certificate? Domain mismatch? Expired
>>> >certificate?"  It is a server name mismatch.
>>> Python 2.4 is not capable of allowing you to customize this verification
>>> behavior.  It is hard coded to let OpenSSL make the decision about whether
>>> to accept the certificate or not.
>>> Either M2Crypto or pyOpenSSL will let you ignore verification errors.  The
>>> new ssl module in Python 2.6 may also as well.
>>> Jean-Paul

>j> Thanks, I will look into these suggestions.

>j> 		# cert_file is a PEM formatted certificate chain file.
>j> 		connection = httplib.HTTPSConnection(host, int(port), key_file,
>j> cert_file)

What happens if you set cert_file to None? This would indicate that you
are not interested in the server's certificate.

By the way, is the cert_file you supply the certificate of the CA that
signed the server's cert (in contrast to yours)?
Piet van Oostrum <piet at>
URL: [PGP 8DAE142BE17999C4]
Private email: piet at

More information about the Python-list mailing list