CertificateHostnameMismatch on Python wrapper
I'm trying to access CG from Python, but I'm getting a CertificateHostnameMismatch exception. I tried both the PyCheddar wrapper and Sharpy wrapper both with the same result on two different computers (my own computer, and my web server)
The full traceback when using PyCheddar:
Traceback (most recent call last):
File "", line 1, in File
"/usr/lib64/python2.7/site-packages/pycheddar-0.9.3-py2.7.egg/pycheddar/init.py",
line 468, in all
return Customer.search()
File "/usr/lib64/python2.7/site-packages/pycheddar-0.9.3-py2.7.egg/pycheddar/init.py", line 482, in search
xml = CheddarGetter.request('/customers/get/', **kwargs)
File "/usr/lib64/python2.7/site-packages/pycheddar-0.9.3-py2.7.egg/pycheddar/init.py", line 99, in request
'content-type': 'application/x-www-form-urlencoded'
File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/init.py", line 1436, in request
(response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)
File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/init.py", line 1188, in _request
(response, content) = self._conn_request(conn, request_uri, method, body, headers)
File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/init.py", line 1123, in _conn_request
conn.connect()
File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/init.py", line 899, in connect
'host %s: %s' % (hostname, cert), hostname, cert)
httplib2.CertificateHostnameMismatch: Server presented certificate that does not match host cheddargetter.com: {'notAfter': 'Jul 19 12:00:00 2011 GMT', 'subjectAltName': (('DNS', '.cheddargetter.com'), ('DNS', 'cheddargetter.com')), 'subject': ((('countryName', u'US'),), (('stateOrProvinceName', u'Indiana'),), (('localityName', u'Bloomington'),), (('organizationName', u'CheddarGetter LLC'),), (('commonName', u'.cheddargetter.com'),))}
Discussions are closed to public comments.
If you need help with Cheddar please
start a new discussion.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
1 Posted by Ryan on 02 Jul, 2011 10:31 AM
Traceback with corrected formatting:
2 Posted by Ryan on 04 Jul, 2011 08:16 AM
The code that causes this exception:
Support Staff 3 Posted by Marc Guyer on 05 Jul, 2011 03:14 PM
HI Ryan -- Sorry for the delay. We don't usually support wrappers directly but I'll try to shed some light on this issue. Our certificate is a "wildcard" certificate which may be why your library doesn't like it. The certificate is valid for both cheddargetter.com and any subdomain.
There is likely a way to ask httplib2 not to validate the certificate as a workaround. If you find the solution, I'm sure the community would like to include the workaround in the wrapper you're using.
I've attached Sean, the original author of Sharpy, to this thread. Sean, could you weigh in on this?
4 Posted by sean on 05 Jul, 2011 03:40 PM
Hello Ryan,
It looks like this problem is caused by a recent update to httplib2's SSL handling. I'll be finding and releasing a fix for sharpy in the next few days.
As an interim solution you can simply use an older version of httplib2. You can do this by running "pip install "httplib2==0.6.0"".
I'll update this discussion once I've pushed out the update for sharpy.
5 Posted by Ryan on 06 Jul, 2011 04:56 PM
Thanks, Marc and sean. Downgrading httplib2 works, I'll be waiting for the update when it comes out.
PS: Marc, I accidentally put in an email, password, and product in the code sample in post #3, can you remove them or contact someone who can remove them? Thanks.
Support Staff 6 Posted by Marc Guyer on 06 Jul, 2011 05:16 PM
Sean -- thanks for looking at that.
Ryan - your email/password is now masked.
7 Posted by sean on 09 Sep, 2011 07:54 PM
Quick update on this, httplib2 have updated their code to include the godaddy root certificate. If you install using
pip install "httplib2==dev"
you won't get the error and httplib2 will actually check that cheddargetter's SSL cert is valid (protecting against man in the middle attacks).Once httplib2 version 0.7.2 is released, the normal
pip install httplib2
should "just work".8 Posted by DavidA on 17 Nov, 2011 06:19 PM
httplib2 0.7.2 has been released. It fixed the problem for me.
http://code.google.com/p/httplib2/downloads/list
Dean closed this discussion on 18 Jan, 2013 03:40 PM.