Weird SSL problem
Roland Hedberg
roland.hedberg at umu.se
Wed Oct 1 04:22:54 EDT 2014
30 sep 2014 kl. 00:55 skrev Ned Deily <nad at acm.org>:
> In article <CD8F39D9-ACD9-4D6E-9AAC-DBCDF607F242 at adm.umu.se>,
> Roland Hedberg <roland.hedberg at adm.umu.se> wrote:
>
>> Hi!
>>
>> I¹m trying to access
>> https://stsadweb.one.microsoft.com/adfs/.well-known/openid-configuration
>>
>> Doing it the simplest way I get the following:
>>
>>>>> import urllib
>>>>> f =
>>>>> urllib.urlopen("https://stsadweb.one.microsoft.com/adfs/.well-known/openid
>>>>> -configuration")
>> Traceback (most recent call last):
>> File "<stdin>", line 1, in <module>
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib.py",
>> line 87, in urlopen
>> return opener.open(url)
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib.py",
>> line 208, in open
>> return getattr(self, name)(url)
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib.py",
>> line 437, in open_https
>> h.endheaders(data)
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py"
>> , line 969, in endheaders
>> self._send_output(message_body)
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py"
>> , line 829, in _send_output
>> self.send(msg)
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py"
>> , line 791, in send
>> self.connect()
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py"
>> , line 1176, in connect
>> self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file)
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py",
>> line 387, in wrap_socket
>> ciphers=ciphers)
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py",
>> line 143, in __init__
>> self.do_handshake()
>> File
>> "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py",
>> line 305, in do_handshake
>> self._sslobj.do_handshake()
>> IOError: [Errno socket error] [Errno 54] Connection reset by peer
>>>>> import ssl
>>>>> ssl.OPENSSL_VERSION
>> ¹OpenSSL 0.9.8za 5 Jun 2014'
>>
>> Now, using Safari, or curl for that matter, from the same machine works
>> without a hitch.
>>
>> The URL above is also the only URL I¹ve encountered this problem with.
>>
>> Anyone got an idea ?
>
> I believe the problem is that the connection is protected by a
> multi-hostname server certificate and Python 2's urllib (and underlying
> httplib and ssl modules) do not support SNI extensions to TLS. The
> request above works fine with Python 3 (which has supported client-side
> SNI since Python 3.2). See http://bugs.python.org/issue5639 for more
> discussion of the matter. If Python 3 is not an option for you, the
> requests package available via PyPI should help.
You’re absolutely correct in that it’s a SNI problem.
Python 3 is not an option and I was already using requests obviously missing something.
Ah, had to install some extra libraries.
— Roland
”Being able to think like a child is an important attribute of being an adult” - Eddie Izzard
More information about the Python-list
mailing list