Please sign in to comment.
Output a more helpful message when there is a certificate name mismatch.
Note: Currently, there is an issue connecting to EC2 services using boto with host name verification enabled. The client connecting will be redirect, for example from ec2.amazonaws.com to ec2.us-east-1.amazonaws.com. The python SSL library does not seem to support the X509v3 Subject Alternative Name fields (even though the documentation mentions a subjectAltName, this seems to be not of the x509v3 kind) - verification with the openssl s_client shows that ec2.us-east-1.amazonaws.com is indeed mentioned on the certificate. The only solution at the moment seems to be trying to connect to the host directly where the hostname is presented as the commonName. This patch hopefully will tip more people in the right direction when they are looking for errors.
- Loading branch information...