-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Default certificates are never loaded since version 1.25 #1603
Comments
Yep, this looks incorrect. Unfortunately I can't currently think of a good way to handle this and maintain all our interfaces+contracts without calling |
Basically this boils down to |
Urllib3 is failing above version 1.25 with a certificate issue. Pin it for the time being. See urllib3/urllib3#1603
Urllib3 is failing above version 1.25 with a certificate issue. Pin it for the time being. See urllib3/urllib3#1603
* Setup a manual http server. Add unittest for multiple Set-Cookie header. * Add cherrypy based test for set-cookie through redirects. * Use source files for -dev tox environment. * Preserve original httplib response. Requests expects a low-level response object at Response.raw._original_response for its cookie handling. This is currently lost in the interface between VTS and responses. This PR stashes the response and retrieves it later to permit the proper behaviour of cookies. * Bump version and pin urllib3 Urllib3 is failing above version 1.25 with a certificate issue. Pin it for the time being. See urllib3/urllib3#1603 * Fix cookie-handling to cope with multiple cookies. - Vendor in and patch responses to handle cookies sent in comma-separated headers - Update tests
Opening an HTTPS URL with
urllib3>=1.25
results inSSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)')))
, example to reproduce is following:The reason is that default system certificates are never loaded because
HTTPSConnection
orVerificedHTTPSConnection
creates ssl context without loading certificates and passes it tossl_wrap_socket
where default certificates are not loaded too because passedssl_context
is notNone
. Related lines of code:src/urllib3/connection.py
:src/urllib3/util/ssl_.py
:The text was updated successfully, but these errors were encountered: