FreeBSD Port: lang/python27
Kubilay Kocak
koobs at FreeBSD.org
Fri Jan 30 01:08:06 UTC 2015
On 30/01/2015 5:49 AM, michele wrote:
> Hey folks,
>
> I’m dropping a quick note on this; didn’t have the time to look through:
>
>
> Python 2.7.9 introduced SSL certificate validation by default. The default distribution
> expects the CA at /etc/ssl/ , but FreeBSD stores it in /usr/local/etc/ssl .
>
> This silently breaks all systems using SSL connection without change to infrastructure
> or code. A simple symlink (see below) fixes the issue. I suppose this also effectively
> requires to add "ca_root_nss" to RUN_DEPENDS.
>
> http://www.quora.com/Are-your-Python-scripts-failing-like-this-urllib2-URLError-urlopen-error-SSL-CERTIFICATE_VERIFY_FAILED-certificate-verify-failed
>
> cheers
> michele
Thanks Michele,
The issue is slightly more complex than that (tldr; Python uses OpenSSL
functions, not cert paths)
If you're using Ports OpenSSL (for Python):
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196431
If you're using Base OpenSSL (for Python):
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=189811
Got you covered, thanks for the +1 report :)
./koobs
More information about the freebsd-python
mailing list