Path: csiph.com!eternal-september.org!feeder.eternal-september.org!feeds.phibee-telecom.net!newsfeed.xs4all.nl!newsfeed7.news.xs4all.nl!nzpost1.xs4all.net!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.009 X-Spam-Evidence: '*H*': 0.98; '*S*': 0.00; 'python3': 0.05; 'list?': 0.07; 'wrapped': 0.07; 'callback': 0.09; 'fetch': 0.09; 'here?': 0.09; 'systems.': 0.11; 'def': 0.13; 'skip:f 30': 0.15; '"get",': 0.16; 'handshake': 0.16; 'lambda': 0.16; 'skip:" 100': 0.16; 'subject:broken': 0.16; 'test():': 0.16; 'ssl': 0.18; 'windows': 0.20; 'skip:v 30': 0.20; '"",': 0.22; 'import': 0.24; '(most': 0.24; 'skip:" 20': 0.26; 'error': 0.27; 'forgive': 0.27; 'skip:e 30': 0.27; '**kwargs)': 0.29; 'request,': 0.29; 'ret': 0.29; 'compared': 0.30; 'skip:_ 10': 0.32; 'run': 0.33; 'http': 0.33; 'traceback': 0.33; 'ubuntu': 0.33; 'version:': 0.33; 'file': 0.34; 'gives': 0.35; 'skip:" 50': 0.35; 'but': 0.36; 'skip:i 20': 0.36; 'possible': 0.36; 'to:addr:python-list': 0.36; 'subject:?': 0.36; 'method': 0.37; 'thanks': 0.37; '12,': 0.37; 'version': 0.38; 'skip:p 20': 0.38; 'test': 0.39; 'does': 0.39; 'to:addr:python.org': 0.40; 'back': 0.62; 'charset:iso-8859-2': 0.64; 'here': 0.66; 'future,': 0.70; 'stop,': 0.84; 'subject:here': 0.84; 'url:applications': 0.84; 'yielded': 0.84; '212,': 0.91 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shopzeus.com; s=shopzeus_com; t=1444214391; bh=4e1pKX4qZ5odyLyqxXslGIRUz741RRAGrKD6z8HhW0M=; h=To:From:Subject:Date:From; b=H2PdFWR4mkW6Nv89AWnPRonDga3au4HPnCK2fBjPBFVwq+Grh/SavvQYzT1wMdvM/ IDDL72QHNb7ST976YswFEz8/qi0QJzE2Ew4zFn5ODLnsiNR+YpOdfE2XTF4A9hBM3A 8O3ZDH9fXaoriM4exMX3psFHVZ8P+I/oLwtpQAg4lsViBxL3KA7F8UNH6uDJ4R4wFv 1wsiYjLqDMnO03Op75YqtdD9Kr4qcoWlrUcbYHfUR6sgdOEdiLIEYMw0g9LPMdAo3+ iBN5UYYKZzF560cZDwkSZ8e4pWLss6WpYlqry9dnyi7JnrOXGrvDyorJVdxCiS3x+M qbjCuhXDYsftQ== To: python-list@python.org From: =?UTF-8?Q?Nagy_L=c3=a1szl=c3=b3_Zsolt?= Subject: certifi or tornadoweb broken? What is happening here? Date: Wed, 7 Oct 2015 12:39:29 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Transfer-Encoding: quoted-printable X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.20+ Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 159 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1444214725 news.xs4all.nl 23792 [2001:888:2000:d::a6]:59914 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:97477 Here is an MWE: import certifi import tornado.ioloop import tornado.httpclient io_loop =3D tornado.ioloop.IOLoop.current() def test(): global io_loop url =3D "https://www.saaspass.com/sd/rest/applications/xxxxxxxxxxxxxxxxx/tokens?p= assword=3Dxxxxxxxxxxxxxxxxx" # Just a test application! http_client =3D tornado.httpclient.HTTPClient() request =3D tornado.httpclient.HTTPRequest(url =3D url, method =3D "G= ET", ca_certs=3Dcertifi.where()) response =3D http_client.fetch(request) print(response.body) print("Certifi version:",certifi.__version__) io_loop.add_callback(test) io_loop.start() # forgive me, will never stop, but this is just a test Here is what happens on Windows 7: c:\Temp\aaa>py -3 test.py Certifi version: 2015.09.06.2 ERROR:tornado.application:Exception in callback functools.partial(.null_wrapper at 0x00000000033AC598>) Traceback (most recent call last): File "C:\Python35\lib\site-packages\tornado\ioloop.py", line 592, in _run_call back ret =3D callback() File "C:\Python35\lib\site-packages\tornado\stack_context.py", line 275, in nu ll_wrapper return fn(*args, **kwargs) File "test.py", line 12, in test response =3D http_client.fetch(request) File "C:\Python35\lib\site-packages\tornado\httpclient.py", line 102, in fetch self._async_client.fetch, request, **kwargs)) File "C:\Python35\lib\site-packages\tornado\ioloop.py", line 445, in run_sync return future_cell[0].result() File "C:\Python35\lib\site-packages\tornado\concurrent.py", line 215, in resul t raise_exc_info(self._exc_info) File "", line 3, in raise_exc_info tornado.httpclient.HTTPError: HTTP 400: Bad Request And here is what happens on Ubuntu: test@vps014:~$ python3 test.py Certifi version: 2015.09.06.2 WARNING:tornado.general:SSL Error on 9 ('104.154.49.147', 443): [Errno 1] _ssl.c:392: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ERROR:tornado.application:Exception in callback functools.partial() Traceback (most recent call last): File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/ioloop.py", line 592, in _run_callback ret =3D callback() File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/stack_context.py", line 275, in null_wrapper return fn(*args, **kwargs) File "test.py", line 12, in test response =3D http_client.fetch(request) File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/httpclient.py", line 102, in fetch self._async_client.fetch, request, **kwargs)) File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/ioloop.py", line 445, in run_sync return future_cell[0].result() File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/concurrent.py", line 215, in result raise_exc_info(self._exc_info) File "", line 3, in raise_exc_info File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/stack_context.py", line 314, in wrapped ret =3D fn(*args, **kwargs) File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/gen.py", line 212, in future, lambda future: callback(future.result())) File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/concurrent.py", line 215, in result raise_exc_info(self._exc_info) File "", line 3, in raise_exc_info File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/gen.py", line 876, in run yielded =3D self.gen.throw(*exc_info) File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/tcpclient.py", line 174, in connect server_hostname=3Dhost) File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/gen.py", line 870, in run value =3D future.result() File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/concurrent.py", line 215, in result raise_exc_info(self._exc_info) File "", line 3, in raise_exc_info File "/usr/local/lib/python3.2/dist-packages/tornado-4.2.1-py3.2-linux-x86_64.= egg/tornado/iostream.py", line 1243, in _do_ssl_handshake self.socket.do_handshake() File "/usr/lib/python3.2/ssl.py", line 458, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [Errno 1] _ssl.c:392: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed The certifi package has the very same version on both systems. I have compared the cacert.pem file provided by certifi on both systems and they are identical. The URL is also identical. What is happening here? How it is possible that the Ubuntu system gives an SSL handshake error, but the Windows system does the SSL handshake - using the same CA cert list? Thanks Laszlo