Python 2.7.9 fails due to CERTIFICATE_VERIFY_FAILED

[olebowle]

Hi,

thanks for mainting the api! I use it on a daily basis. :-) I have an issue with Python 2.7.9:

$ python2
Python 2.7.9 (default, Dec 11 2014, 04:42:00) 
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import quizduellapi
>>> api = quizduellapi.QuizduellApi()
>>> user = api.create_user('Max Mustermann', 'password', 'max@mustermann.com')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/quizduellapi.py", line 73, in create_user
    return self._request('/users/create', data)
  File "/usr/lib/python2.7/site-packages/quizduellapi.py", line 642, in _request
    response = self._opener.open('https://' + self.host_name + url, data=encoded_params, timeout=self.timeout)
  File "/usr/lib/python2.7/urllib2.py", line 431, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 449, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 409, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1240, in https_open
    context=self._context)
  File "/usr/lib/python2.7/urllib2.py", line 1197, in do_open
    raise URLError(err)
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)>

With 2.7.8 everything is still alright:

$ python2
Python 2.7.8 (default, Sep 24 2014, 18:26:21) 
[GCC 4.9.1 20140903 (prerelease)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import quizduellapi
>>> api = quizduellapi.QuizduellApi()
>>> user = api.create_user('Max Mustermann', 'password', 'max@mustermann.com')
>>> print user
{u'popup_title': u'Hoppla', u'popup_mess': u'E-Mail Adresse ist vergeben\n'}

https://www.python.org/downloads/release/python-279/

[mtschirs]

It seems that Python < 2.7.9 didn't validate certificates in the HTTP client. Since the certificate returned by *.feomedia.se is self-signed, Python now throws an SSL: CERTIFICATE_VERIFY_FAILED error.

Should be fixed in the newest version (simply switched to *.appspot.com)

[olebowle]

Switching to *.appspot.com does work indeed. Thanks a lot!

[startmat]

see:
http://linux.debian.bugs.dist.narkive.com/Fa81q1tS/bug-769542-rss2email-option-for-disabling-certificate-verification

you can monkeypatch ssl.:

import ssl
if hasattr(ssl, '_create_unverified_context'):
ssl._create_default_https_context = ssl._create_unverified_context

python bug tracker:
https://bugs.python.org/issue22417

[olebowle]

Thanks this might come in handy if *.appspot.com won't work or makes the same trouble.

[sarathm09]

Could someone tell me what you mean by switching to *.appspot.com? I'm also facing this issue, so need help solving it.

[mtschirs]

Hi @sarathm09

just use the newest quizduellapi.py from this repository and you will be fine. Or modify the following line in your own copy of quizduellapi.py:
host_name = 'qkgermany.feomedia.se' --> host_name = 'qkgermany.appspot.com'

@startmat Thank you for the patch, might indeed come in handy

[sarathm09]

Okay, sure! thank you

[dischinator]

@sarathm09 awesome, your comment helped me accessing another api with similar problem. Strangely their ssl and certificate setup seemed to be alright.

[sarathm09]

@dischinator , Welcome 👍

[erm3nda]

@startmat Yes, thank you for the patch way. I know that's called monkeypatch, but did save my day.