Date: Sun, 28 Dec 2014 21:18:05 -0800 From: "James D. Lin" <jamesdlin@gmail.com> To: python@freebsd.org Subject: Python 2.7.9 looks for SSL certificates in /etc/ssl instead of /usr/local/etc/ssl Message-ID: <CADPatTdEmWSQDDx-eZ8ba3Pa_a2phzGME8CbeTcvpSPvckB45Q@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello,
I recently upgraded to Python 2.7.9 from the ports collection on my FreeBSD
10.0 system, and Python 2.7.9's change to enable SSL verification
unexpectedly broke several of my Python scripts that made https connections
to sites with valid SSL certificates. The reason is that Python is looking
for the CA file at /etc/ssl/cert.pem, which does not exist in my FreeBSD
installation. I do, however, have a /usr/local/etc/ssl/cert.pem file
(which is actually a symlink to /usr/local/share/certs/ca-root-nss.crt):
Calling ssl.get_default_verify_paths() in Python returns:
DefaultVerifyPaths(cafile=None,
capath=None,
openssl_cafile_env='SSL_CERT_FILE',
openssl_cafile='/etc/ssl/cert.pem',
openssl_capath_env='SSL_CERT_DIR',
openssl_capath='/etc/ssl/certs')
Is this something that can (and should) be corrected in the Python 2.7.9
port?
Thanks,
- James
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADPatTdEmWSQDDx-eZ8ba3Pa_a2phzGME8CbeTcvpSPvckB45Q>