jakecjacobson <jakecjacob...@gmail.com> wrote: > I am getting the following error when doing a post to REST API, > > Enter PEM pass phrase: > Traceback (most recent call last): > File "./ices_catalog_feeder.py", line 193, in ? > main(sys.argv[1]) > File "./ices_catalog_feeder.py", line 60, in main > post2Catalog(catalog_host, catalog_port, catalog_path, os.path.join > (input_dir, file), collection_name, key_file, cert_file) > File "./ices_catalog_feeder.py", line 125, in post2Catalog > connection.request('POST', path, parameters, head) > File "/usr/lib/python2.4/httplib.py", line 810, in request > self._send_request(method, url, body, headers) > File "/usr/lib/python2.4/httplib.py", line 833, in _send_request > self.endheaders() > File "/usr/lib/python2.4/httplib.py", line 804, in endheaders > self._send_output() > File "/usr/lib/python2.4/httplib.py", line 685, in _send_output > self.send(msg) > File "/usr/lib/python2.4/httplib.py", line 652, in send > self.connect() > File "/usr/lib/python2.4/httplib.py", line 1079, in connect > ssl = socket.ssl(sock, self.key_file, self.cert_file) > File "/usr/lib/python2.4/socket.py", line 74, in ssl > return _realssl(sock, keyfile, certfile) > socket.sslerror: (1, 'error:14094412:SSL > routines:SSL3_READ_BYTES:sslv3 alert bad certificate') > > > My code where this error occurs is: > > head = {"Content-Type" : "application/x-www-form-urlencoded", > "Accept" : "text/plain"} > parameters = urlencode({"collection" : collection, "entryxml" : open > (file,'r').read()}) > print "Sending the file to: " + host > > try: > try: > # Default port is 443. > # key_file is the name of a PEM formatted file that contains > your > private key. > # cert_file is a PEM formatted certificate chain file. > connection = httplib.HTTPSConnection(host, int(port), key_file, > cert_file) > connection.request('POST', path, parameters, head) > response = connection.getresponse() > print response.status, response.reason > except httplib.error, (value,message): > print value + ':' + message > finally: > connection.close() > > I was wondering if this is due to the server having a invalid server > cert?
I'd say judging from the traceback you messed up key_file or cert_file somehow. Try using the openssl binary on them (read the man page to see how!) to check them out. > If I go to this server in my browser, I get a "This server tried to > identify itself with invalid information". Is there a way to > ignore this issue with Python? Can I setup a trust store and add > this server to the trust store? Invalid how? Self signed certificate? Domain mismatch? Expired certificate? -- Nick Craig-Wood <n...@craig-wood.com> -- http://www.craig-wood.com/nick -- http://mail.python.org/mailman/listinfo/python-list