Loading...

Type: Task
Resolution: Fixed
Priority: Unknown
Fix Version/s: 4.11
Affects Version/s: None
Component/s: None
Labels:
None

Assigned Teams:

Python Drivers

Documentation Changes:
Not Needed

Python 3.13 encryption tests are failing on macos:

 [2025/01/13 09:02:03.041] FAILURE: ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Missing Authority Key Identifier (_ssl.c:1020) ()
 [2025/01/13 09:02:03.041] self = <test.test_encryption.TestKmsRetryProse testMethod=test_kms_retry>
 [2025/01/13 09:02:03.041]     def test_kms_retry(self):
 [2025/01/13 09:02:03.041]         if IS_PYOPENSSL:
 [2025/01/13 09:02:03.041]             self.skipTest(
 [2025/01/13 09:02:03.041]                 "PyOpenSSL does not support a required method for this test, Connection.makefile"
 [2025/01/13 09:02:03.041]             )
 [2025/01/13 09:02:03.041] >       self._test("aws", {"region": "foo", "key": "bar", "endpoint": "127.0.0.1:9003"})
 [2025/01/13 09:02:03.041] test/test_encryption.py:2911: 
 [2025/01/13 09:02:03.041] _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
 [2025/01/13 09:02:03.041] test/test_encryption.py:2884: in _test
 [2025/01/13 09:02:03.041]     self.http_post("/reset")
 [2025/01/13 09:02:03.041] test/test_encryption.py:2877: in http_post
 [2025/01/13 09:02:03.041]     conn.request("POST", path, body, headers)
 [2025/01/13 09:02:03.041] /Library/Frameworks/Python.Framework/Versions/3.13/lib/python3.13/http/client.py:1336: in request
 [2025/01/13 09:02:03.041]     self._send_request(method, url, body, headers, encode_chunked)
 [2025/01/13 09:02:03.041] /Library/Frameworks/Python.Framework/Versions/3.13/lib/python3.13/http/client.py:1382: in _send_request
 [2025/01/13 09:02:03.041]     self.endheaders(body, encode_chunked=encode_chunked)
 [2025/01/13 09:02:03.041] /Library/Frameworks/Python.Framework/Versions/3.13/lib/python3.13/http/client.py:1331: in endheaders
 [2025/01/13 09:02:03.041]     self._send_output(message_body, encode_chunked=encode_chunked)
 [2025/01/13 09:02:03.041] /Library/Frameworks/Python.Framework/Versions/3.13/lib/python3.13/http/client.py:1091: in _send_output
 [2025/01/13 09:02:03.041]     self.send(msg)
 [2025/01/13 09:02:03.041] /Library/Frameworks/Python.Framework/Versions/3.13/lib/python3.13/http/client.py:1035: in send
 [2025/01/13 09:02:03.041]     self.connect()
 [2025/01/13 09:02:03.041] /Library/Frameworks/Python.Framework/Versions/3.13/lib/python3.13/http/client.py:1477: in connect
 [2025/01/13 09:02:03.041]     self.sock = self._context.wrap_socket(self.sock,
 [2025/01/13 09:02:03.041] /Library/Frameworks/Python.Framework/Versions/3.13/lib/python3.13/ssl.py:455: in wrap_socket
 [2025/01/13 09:02:03.041]     return self.sslsocket_class._create(
 [2025/01/13 09:02:03.041] /Library/Frameworks/Python.Framework/Versions/3.13/lib/python3.13/ssl.py:1076: in _create
 [2025/01/13 09:02:03.041]     self.do_handshake()
 [2025/01/13 09:02:03.041] _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
 [2025/01/13 09:02:03.041] self = <ssl.SSLSocket [closed] fd=-1, family=2, type=1, proto=0>, block = False
 [2025/01/13 09:02:03.041]     @_sslcopydoc
 [2025/01/13 09:02:03.041]     def do_handshake(self, block=False):
 [2025/01/13 09:02:03.041]         self._check_connected()
 [2025/01/13 09:02:03.041]         timeout = self.gettimeout()
 [2025/01/13 09:02:03.041]         try:
 [2025/01/13 09:02:03.041]             if timeout == 0.0 and block:
 [2025/01/13 09:02:03.041]                 self.settimeout(None)
 [2025/01/13 09:02:03.041] >           self._sslobj.do_handshake()
 [2025/01/13 09:02:03.041] E           ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Missing Authority Key Identifier (_ssl.c:1020)
 [2025/01/13 09:02:03.041] /Library/Frameworks/Python.Framework/Versions/3.13/lib/python3.13/ssl.py:1372: SSLCertVerificationError

https://spruce.mongodb.com/task/mongo_python_driver_encryption_macos_python3.13_test_latest_replica_set_noauth_ssl_sync_async_b9f4f796f1af1787b3fcf6d918abdd603d6d41e9_25_01_13_14_16_28?execution=0&sortBy=STATUS&sortDir=ASC

also the same error on windows:

 [2025/01/13 08:45:05.311] FAILURE: ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Missing Authority Key Identifier (_ssl.c:1020) ()
 [2025/01/13 08:45:05.311] self = <test.test_encryption.TestKmsRetryProse testMethod=test_kms_retry>
 [2025/01/13 08:45:05.311]     def test_kms_retry(self):
 [2025/01/13 08:45:05.311]         if IS_PYOPENSSL:
 [2025/01/13 08:45:05.311]             self.skipTest(
 [2025/01/13 08:45:05.311]                 "PyOpenSSL does not support a required method for this test, Connection.makefile"
 [2025/01/13 08:45:05.311]             )
 [2025/01/13 08:45:05.311] >       self._test("aws", {"region": "foo", "key": "bar", "endpoint": "127.0.0.1:9003"})
 [2025/01/13 08:45:05.311] test\test_encryption.py:2911: 
 [2025/01/13 08:45:05.311] _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
 [2025/01/13 08:45:05.311] test\test_encryption.py:2884: in _test
 [2025/01/13 08:45:05.311]     self.http_post("/reset")
 [2025/01/13 08:45:05.311] test\test_encryption.py:2877: in http_post
 [2025/01/13 08:45:05.311]     conn.request("POST", path, body, headers)
 [2025/01/13 08:45:05.311] C:\python\Python313\Lib\http\client.py:1336: in request
 [2025/01/13 08:45:05.311]     self._send_request(method, url, body, headers, encode_chunked)
 [2025/01/13 08:45:05.311] C:\python\Python313\Lib\http\client.py:1382: in _send_request
 [2025/01/13 08:45:05.311]     self.endheaders(body, encode_chunked=encode_chunked)
 [2025/01/13 08:45:05.311] C:\python\Python313\Lib\http\client.py:1331: in endheaders
 [2025/01/13 08:45:05.311]     self._send_output(message_body, encode_chunked=encode_chunked)
 [2025/01/13 08:45:05.311] C:\python\Python313\Lib\http\client.py:1091: in _send_output
 [2025/01/13 08:45:05.311]     self.send(msg)
 [2025/01/13 08:45:05.311] C:\python\Python313\Lib\http\client.py:1035: in send
 [2025/01/13 08:45:05.311]     self.connect()
 [2025/01/13 08:45:05.311] C:\python\Python313\Lib\http\client.py:1477: in connect
 [2025/01/13 08:45:05.311]     self.sock = self._context.wrap_socket(self.sock,
 [2025/01/13 08:45:05.311] C:\python\Python313\Lib\ssl.py:455: in wrap_socket
 [2025/01/13 08:45:05.311]     return self.sslsocket_class._create(
 [2025/01/13 08:45:05.311] C:\python\Python313\Lib\ssl.py:1076: in _create
 [2025/01/13 08:45:05.311]     self.do_handshake()
 [2025/01/13 08:45:05.311] _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
 [2025/01/13 08:45:05.311] self = <ssl.SSLSocket [closed] fd=-1, family=2, type=1, proto=0>, block = False
 [2025/01/13 08:45:05.311]     @_sslcopydoc
 [2025/01/13 08:45:05.311]     def do_handshake(self, block=False):
 [2025/01/13 08:45:05.311]         self._check_connected()
 [2025/01/13 08:45:05.311]         timeout = self.gettimeout()
 [2025/01/13 08:45:05.311]         try:
 [2025/01/13 08:45:05.311]             if timeout == 0.0 and block:
 [2025/01/13 08:45:05.311]                 self.settimeout(None)
 [2025/01/13 08:45:05.311] >           self._sslobj.do_handshake()
 [2025/01/13 08:45:05.311] E           ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Missing Authority Key Identifier (_ssl.c:1020)
 [2025/01/13 08:45:05.311] C:\python\Python313\Lib\ssl.py:1372: SSLCertVerificationError

https://spruce.mongodb.com/task/mongo_python_driver_encryption_crypt_shared_win64_python3.13_test_latest_replica_set_noauth_ssl_sync_async_b9f4f796f1af1787b3fcf6d918abdd603d6d41e9_25_01_13_14_16_28?execution=0&sortBy=STATUS&sortDir=ASC

Caused by the ssl context change in ~~PYTHON-5014~~: https://github.com/mongodb/mongo-python-driver/commit/6c9a20a49d37bff2f2163011d1ccd686f83555a6

is cloned by

PYTHON-5040 Regenerate test certificates to resolve Missing Authority Key Identifier error

Backlog

Details

Description

Attachments

Issue Links

Activity

People

Dates