Python 2.7.9 looks for SSL certificates in /etc/ssl instead of /usr/local/etc/ssl
James D. Lin
jamesdlin at gmail.com
Mon Dec 29 05:18:49 UTC 2014
Hello,
I recently upgraded to Python 2.7.9 from the ports collection on my FreeBSD
10.0 system, and Python 2.7.9's change to enable SSL verification
unexpectedly broke several of my Python scripts that made https connections
to sites with valid SSL certificates. The reason is that Python is looking
for the CA file at /etc/ssl/cert.pem, which does not exist in my FreeBSD
installation. I do, however, have a /usr/local/etc/ssl/cert.pem file
(which is actually a symlink to /usr/local/share/certs/ca-root-nss.crt):
Calling ssl.get_default_verify_paths() in Python returns:
DefaultVerifyPaths(cafile=None,
capath=None,
openssl_cafile_env='SSL_CERT_FILE',
openssl_cafile='/etc/ssl/cert.pem',
openssl_capath_env='SSL_CERT_DIR',
openssl_capath='/etc/ssl/certs')
Is this something that can (and should) be corrected in the Python 2.7.9
port?
Thanks,
- James
More information about the freebsd-python
mailing list