New submission from Jizhou Yang <yakisoba...@gmail.com>:
Loading cadata in PEM format results in a nested asn1 error. Workaround is to
convert cadata to unicode.
Minimum code for reproducing the issue:
>>>import ssl
>>> with open('ca.crt') as f:
... ca_crt = f.read()
...
>>> c = ssl.create_default_context()
>>> c.load_verify_locations(cadata=ca_crt)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ssl.SSLError: nested asn1 error (_ssl.c:2902)
With workaround to make it work:
>>>import ssl
>>> with open('ca.crt') as f:
... ca_crt = f.read()
...
>>> c = ssl.create_default_context()
>>> c.load_verify_locations(cadata=unicode(ca_crt))
The issue is annoying as the documentation explicitly states cadata to be
"either an ASCII string of one or more PEM-encoded certificates...".
Furthermore the unicode function is not present in Python 3.x, making the
workaround version-dependent.
----------
title: PEM cadata causes ssl.SSLError: nested ans1 error -> PEM cadata causes
ssl.SSLError: nested asn1 error
Added file: https://bugs.python.org/file48373/ca.crt
_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue37079>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
