Uploaded image for project: 'Python Driver'
  1. Python Driver
  2. PYTHON-2293

OCSP test script (tools/ocsptest.py) does not work on Windows

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • 3.11
    • TLS/SSL
    • None

    Description

      OCSP test script (tools/ocsptest.py) does not work on Windows:

      $ pip list
      		 
      Package          Version
      		 
      ---------------- -------------
      		 
      attrs            19.3.0
      		 
      certifi          2020.4.5.2
      		 
      cffi             1.14.0
      		 
      chardet          3.0.4
      		 
      cryptography     2.9.2
      		 
      idna             2.9
      		 
      pip              20.1.1
      		 
      pyasn1           0.4.8
      		 
      pyasn1-modules   0.2.8
      		 
      pycparser        2.20
      		 
      pymongo          3.11.0b2.dev0
      		 
      pyOpenSSL        19.1.0
      		 
      requests         2.23.0
      		 
      service-identity 18.1.0
      		 
      setuptools       47.3.0
      		 
      six              1.15.0
      		 
      urllib3          1.25.9
      		 
      wheel            0.34.2
      		 
      (venv3.8)
      		 
      $ python tools/ocsptest.py --host google.com
      		 
      Traceback (most recent call last):
      		 
        File "tools/ocsptest.py", line 56, in <module>
      		 
          main()
      		 
        File "tools/ocsptest.py", line 53, in main
      		 
          check_ocsp(args.host, args.port, args.ca_file)
      		 
        File "tools/ocsptest.py", line 39, in check_ocsp
      		 
          s = ctx.wrap_socket(s, server_hostname=host)
      		 
        File "C:\cygwin\home\Administrator\venv3.8\lib\site-packages\pymongo\pyopenssl_context.py", line 295, in wrap_socket
      		 
          ssl_conn.do_handshake()
      		 
        File "C:\cygwin\home\Administrator\venv3.8\lib\site-packages\pymongo\pyopenssl_context.py", line 110, in do_handshake
      		 
          return self._call(super(_sslConn, self).do_handshake, *args, **kwargs)
      		 
        File "C:\cygwin\home\Administrator\venv3.8\lib\site-packages\pymongo\pyopenssl_context.py", line 101, in _call
      		 
          return call(*args, **kwargs)
      		 
        File "C:\cygwin\home\Administrator\venv3.8\lib\site-packages\OpenSSL\SSL.py", line 1934, in do_handshake
      		 
          self._raise_ssl_error(self._ssl, result)
      		 
        File "C:\cygwin\home\Administrator\venv3.8\lib\site-packages\OpenSSL\SSL.py", line 1671, in _raise_ssl_error
      		 
          _raise_current_error()
      		 
        File "C:\cygwin\home\Administrator\venv3.8\lib\site-packages\OpenSSL\_util.py", line 54, in exception_from_error_queue
      		 
          raise exception_type(errors)
      		 
      OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
      		 
      (venv3.8)

      Attachments

        Issue Links

          related to

          Task - A task that needs to be done. PYTHON-2280 Investigate slow OCSP endpoint checks on Windows

          • Major - P3 - Major loss of function.
          • Closed

          Activity

            People

              shane.harvey@mongodb.com Shane Harvey
              shane.harvey@mongodb.com Shane Harvey
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: