Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Python 2.7.9 fails due to CERTIFICATE_VERIFY_FAILED #2

Closed
olebowle opened this issue Dec 14, 2014 · 10 comments

Comments

@olebowle
Copy link

commented Dec 14, 2014

Hi,

thanks for mainting the api! I use it on a daily basis. :-) I have an issue with Python 2.7.9:

$ python2
Python 2.7.9 (default, Dec 11 2014, 04:42:00) 
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import quizduellapi
>>> api = quizduellapi.QuizduellApi()
>>> user = api.create_user('Max Mustermann', 'password', 'max@mustermann.com')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/quizduellapi.py", line 73, in create_user
    return self._request('/users/create', data)
  File "/usr/lib/python2.7/site-packages/quizduellapi.py", line 642, in _request
    response = self._opener.open('https://' + self.host_name + url, data=encoded_params, timeout=self.timeout)
  File "/usr/lib/python2.7/urllib2.py", line 431, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 449, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 409, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1240, in https_open
    context=self._context)
  File "/usr/lib/python2.7/urllib2.py", line 1197, in do_open
    raise URLError(err)
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)>

With 2.7.8 everything is still alright:

$ python2
Python 2.7.8 (default, Sep 24 2014, 18:26:21) 
[GCC 4.9.1 20140903 (prerelease)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import quizduellapi
>>> api = quizduellapi.QuizduellApi()
>>> user = api.create_user('Max Mustermann', 'password', 'max@mustermann.com')
>>> print user
{u'popup_title': u'Hoppla', u'popup_mess': u'E-Mail Adresse ist vergeben\n'}

https://www.python.org/downloads/release/python-279/

@mtschirs

This comment has been minimized.

Copy link
Owner

commented Dec 16, 2014

It seems that Python < 2.7.9 didn't validate certificates in the HTTP client. Since the certificate returned by *.feomedia.se is self-signed, Python now throws an SSL: CERTIFICATE_VERIFY_FAILED error.

Should be fixed in the newest version (simply switched to *.appspot.com)

@olebowle

This comment has been minimized.

Copy link
Author

commented Dec 16, 2014

Switching to *.appspot.com does work indeed. Thanks a lot!

@olebowle olebowle closed this Dec 16, 2014

@startmat

This comment has been minimized.

Copy link

commented Dec 30, 2014

see:
http://linux.debian.bugs.dist.narkive.com/Fa81q1tS/bug-769542-rss2email-option-for-disabling-certificate-verification

you can monkeypatch ssl.:

import ssl
if hasattr(ssl, '_create_unverified_context'):
ssl._create_default_https_context = ssl._create_unverified_context

python bug tracker:
https://bugs.python.org/issue22417

@olebowle

This comment has been minimized.

Copy link
Author

commented Jan 2, 2015

Thanks this might come in handy if *.appspot.com won't work or makes the same trouble.

@sarathm09

This comment has been minimized.

Copy link

commented Jan 15, 2015

Could someone tell me what you mean by switching to *.appspot.com? I'm also facing this issue, so need help solving it.

@mtschirs

This comment has been minimized.

Copy link
Owner

commented Jan 15, 2015

Hi @sarathm09

just use the newest quizduellapi.py from this repository and you will be fine. Or modify the following line in your own copy of quizduellapi.py:
host_name = 'qkgermany.feomedia.se' --> host_name = 'qkgermany.appspot.com'

@startmat Thank you for the patch, might indeed come in handy

@sarathm09

This comment has been minimized.

Copy link

commented Jan 15, 2015

Okay, sure! thank you

@dischinator

This comment has been minimized.

Copy link

commented Feb 27, 2015

@sarathm09 awesome, your comment helped me accessing another api with similar problem. Strangely their ssl and certificate setup seemed to be alright.

@sarathm09

This comment has been minimized.

Copy link

commented Feb 27, 2015

@dischinator , Welcome 👍

@erm3nda

This comment has been minimized.

Copy link

commented Dec 20, 2015

@startmat Yes, thank you for the patch way. I know that's called monkeypatch, but did save my day.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
6 participants
You can’t perform that action at this time.