In article <cd8f39d9-acd9-4d6e-9aac-dbcdf607f...@adm.umu.se>, Roland Hedberg <roland.hedb...@adm.umu.se> wrote:
> Hi! > > I¹m trying to access > https://stsadweb.one.microsoft.com/adfs/.well-known/openid-configuration > > Doing it the simplest way I get the following: > > >>> import urllib > >>> f = > >>> urllib.urlopen("https://stsadweb.one.microsoft.com/adfs/.well-known/openid > >>> -configuration") > Traceback (most recent call last): > File "<stdin>", line 1, in <module> > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib.py", > line 87, in urlopen > return opener.open(url) > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib.py", > line 208, in open > return getattr(self, name)(url) > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib.py", > line 437, in open_https > h.endheaders(data) > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py" > , line 969, in endheaders > self._send_output(message_body) > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py" > , line 829, in _send_output > self.send(msg) > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py" > , line 791, in send > self.connect() > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/httplib.py" > , line 1176, in connect > self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file) > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", > line 387, in wrap_socket > ciphers=ciphers) > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", > line 143, in __init__ > self.do_handshake() > File > "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", > line 305, in do_handshake > self._sslobj.do_handshake() > IOError: [Errno socket error] [Errno 54] Connection reset by peer > >>> import ssl > >>> ssl.OPENSSL_VERSION > ¹OpenSSL 0.9.8za 5 Jun 2014' > > Now, using Safari, or curl for that matter, from the same machine works > without a hitch. > > The URL above is also the only URL I¹ve encountered this problem with. > > Anyone got an idea ? I believe the problem is that the connection is protected by a multi-hostname server certificate and Python 2's urllib (and underlying httplib and ssl modules) do not support SNI extensions to TLS. The request above works fine with Python 3 (which has supported client-side SNI since Python 3.2). See http://bugs.python.org/issue5639 for more discussion of the matter. If Python 3 is not an option for you, the requests package available via PyPI should help. -- Ned Deily, n...@acm.org -- https://mail.python.org/mailman/listinfo/python-list
