Uploaded image for project: 'Python Driver'
  1. Python Driver
  2. PYTHON-1125

An invalid ssl_certfile causes MongoClient to raise ssl.SSLError in Python2.7+

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Minor - P4 Minor - P4
    • 3.4
    • Affects Version/s: None
    • Component/s: None
    • None
    • Minor Change

      Passing an invalid ssl_certfile to MongoClient on Python 2.7+ raises this very unhelpful error:

      Python 2.7.10 (default, Oct 23 2015, 19:19:21)
      [GCC 4.2.1 Compatible Apple LLVM 7.0.0 (clang-700.0.59.5)] on darwin
      Type "help", "copyright", "credits" or "license" for more information.
      >>> from pymongo.mongo_client import MongoClient
      >>> import ssl
      >>> MongoClient('localhost', ssl=True, ssl_cert_reqs=ssl.CERT_NONE,ssl_certfile='README.rst',serverSelectionTimeoutMS=100)
      Traceback (most recent call last):
        File "<stdin>", line 1, in <module>
        File "pymongo/mongo_client.py", line 373, in __init__
          username, password, dbase, opts)
        File "pymongo/client_options.py", line 141, in __init__
          self.__pool_options = _parse_pool_options(options)
        File "pymongo/client_options.py", line 114, in _parse_pool_options
          ssl_context, ssl_match_hostname = _parse_ssl_options(options)
        File "pymongo/client_options.py", line 95, in _parse_ssl_options
          certfile, keyfile, passphrase, ca_certs, cert_reqs, crlfile)
        File "pymongo/ssl_support.py", line 116, in get_ssl_context
          ctx.load_cert_chain(certfile, keyfile)
      ssl.SSLError: [SSL] PEM lib (_ssl.c:2580)
      

      ssl.SSLError should be caught and re-raised as a pymongo.error.ConfigurationError.

            Assignee:
            shane.harvey@mongodb.com Shane Harvey
            Reporter:
            shane.harvey@mongodb.com Shane Harvey
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: