CertificateHostnameMismatch on Python wrapper

Edit

Ryan

02 Jul, 2011 10:29 AM

I'm trying to access CG from Python, but I'm getting a CertificateHostnameMismatch exception. I tried both the PyCheddar wrapper and Sharpy wrapper both with the same result on two different computers (my own computer, and my web server)

The full traceback when using PyCheddar:

Traceback (most recent call last):
File "", line 1, in File "/usr/lib64/python2.7/site-packages/pycheddar-0.9.3-py2.7.egg/pycheddar/init.py", line 468, in all

return Customer.search()

File "/usr/lib64/python2.7/site-packages/pycheddar-0.9.3-py2.7.egg/pycheddar/init.py", line 482, in search

xml = CheddarGetter.request('/customers/get/', **kwargs)

File "/usr/lib64/python2.7/site-packages/pycheddar-0.9.3-py2.7.egg/pycheddar/init.py", line 99, in request

'content-type': 'application/x-www-form-urlencoded'

File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/init.py", line 1436, in request

(response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)

File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/init.py", line 1188, in _request

(response, content) = self._conn_request(conn, request_uri, method, body, headers)

File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/init.py", line 1123, in _conn_request

conn.connect()

File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/init.py", line 899, in connect

'host %s: %s' % (hostname, cert), hostname, cert)

httplib2.CertificateHostnameMismatch: Server presented certificate that does not match host cheddargetter.com: {'notAfter': 'Jul 19 12:00:00 2011 GMT', 'subjectAltName': (('DNS', '.cheddargetter.com'), ('DNS', 'cheddargetter.com')), 'subject': ((('countryName', u'US'),), (('stateOrProvinceName', u'Indiana'),), (('localityName', u'Bloomington'),), (('organizationName', u'CheddarGetter LLC'),), (('commonName', u'.cheddargetter.com'),))}

1 Posted by Ryan on 02 Jul, 2011 10:31 AM

Traceback with corrected formatting:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib64/python2.7/site-packages/pycheddar-0.9.3-py2.7.egg/pycheddar/__init__.py", line 468, in all
    return Customer.search()
  File "/usr/lib64/python2.7/site-packages/pycheddar-0.9.3-py2.7.egg/pycheddar/__init__.py", line 482, in search
    xml = CheddarGetter.request('/customers/get/', **kwargs)
  File "/usr/lib64/python2.7/site-packages/pycheddar-0.9.3-py2.7.egg/pycheddar/__init__.py", line 99, in request
    'content-type': 'application/x-www-form-urlencoded'
  File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/__init__.py", line 1436, in request
    (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)
  File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/__init__.py", line 1188, in _request
    (response, content) = self._conn_request(conn, request_uri, method, body, headers)
  File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/__init__.py", line 1123, in _conn_request
    conn.connect()
  File "/usr/lib64/python2.7/site-packages/httplib2-0.7.1-py2.7.egg/httplib2/__init__.py", line 899, in connect
    'host %s: %s' % (hostname, cert), hostname, cert)
httplib2.CertificateHostnameMismatch: Server presented certificate that does not match host cheddargetter.com: {'notAfter': 'Jul 19 12:00:00 2011 GMT', 'subjectAltName': (('DNS', '*.cheddargetter.com'), ('DNS', 'cheddargetter.com')), 'subject': ((('countryName', u'US'),), (('stateOrProvinceName', u'Indiana'),), (('localityName', u'Bloomington'),), (('organizationName', u'CheddarGetter LLC'),), (('commonName', u'*.cheddargetter.com'),))}

Edit

2 Posted by Ryan on 04 Jul, 2011 08:16 AM

The code that causes this exception:

Python 2.7.1 (r271:86832, Mar 28 2011, 06:43:10) 
[GCC 4.4.5] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import pycheddar
>>> pycheddar.CheddarGetter.auth('*******', '*******')
>>> pycheddar.CheddarGetter.set_product_code('STELLAAPP')
>>> pycheddar.Customer.all() # exception in here

Edit

Support Staff 3 Posted by Marc Guyer on 05 Jul, 2011 03:14 PM

HI Ryan -- Sorry for the delay. We don't usually support wrappers directly but I'll try to shed some light on this issue. Our certificate is a "wildcard" certificate which may be why your library doesn't like it. The certificate is valid for both cheddargetter.com and any subdomain.

There is likely a way to ask httplib2 not to validate the certificate as a workaround. If you find the solution, I'm sure the community would like to include the workaround in the wrapper you're using.

I've attached Sean, the original author of Sharpy, to this thread. Sean, could you weigh in on this?
- Edit
4 Posted by sean on 05 Jul, 2011 03:40 PM

Hello Ryan,

It looks like this problem is caused by a recent update to httplib2's SSL handling. I'll be finding and releasing a fix for sharpy in the next few days.

As an interim solution you can simply use an older version of httplib2. You can do this by running "pip install "httplib2==0.6.0"".

I'll update this discussion once I've pushed out the update for sharpy.
- Edit
5 Posted by Ryan on 06 Jul, 2011 04:56 PM

Thanks, Marc and sean. Downgrading httplib2 works, I'll be waiting for the update when it comes out.

PS: Marc, I accidentally put in an email, password, and product in the code sample in post #3, can you remove them or contact someone who can remove them? Thanks.
- Edit
Support Staff 6 Posted by Marc Guyer on 06 Jul, 2011 05:16 PM

Sean -- thanks for looking at that.

Ryan - your email/password is now masked.
- Edit
7 Posted by sean on 09 Sep, 2011 07:54 PM

Quick update on this, httplib2 have updated their code to include the godaddy root certificate. If you install using pip install "httplib2==dev" you won't get the error and httplib2 will actually check that cheddargetter's SSL cert is valid (protecting against man in the middle attacks).

Once httplib2 version 0.7.2 is released, the normal pip install httplib2 should "just work".
- Edit
8 Posted by DavidA on 17 Nov, 2011 06:19 PM

httplib2 0.7.2 has been released. It fixed the problem for me.
http://code.google.com/p/httplib2/downloads/list
- Edit
Dean closed this discussion on 18 Jan, 2013 03:40 PM.

Discussions are closed to public comments.
If you need help with Cheddar please start a new discussion.

New Issue
Conversation Started
The discussion is closed

No more actions from Cheddar or the discussion starter are required.
Re-open the discussion Re-open the discussion

Private Permissions

This discussion is private. Only you and Cheddar support staff can see and reply to it.

Public Permissions

This discussion is public. Everyone can see and reply to it.

Comments Feed

Keyboard shortcuts

Generic

?	Show this help
ESC	Blurs the current field

Comment Form

r	Focus the comment reply box
^ + ↩	Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

	28 Mar, 2024 10:45 PM	PDF Invoices
	24 Jan, 2024 08:33 AM	Cancel Account
	11 Jan, 2024 07:13 AM	Users in my Cheddar account?
	30 Nov, 2023 02:07 AM	churn amount
	22 Nov, 2023 08:41 AM	testing

Recent Articles

	RBI regulations - context, FAQs, & next steps
	Configuring Stripe
	Configuring AuthorizeNet
	Pricing Plan Basics
	Marketing Metrics Cookie Best Practices

CertificateHostnameMismatch on Python wrapper

Ryan

New Issue

Conversation Started

The discussion is closed

Re-open the discussion Re-open the discussion