[yocto] Missing certificates
Aníbal Limón
anibal.limon at linux.intel.com
Fri Jul 24 13:02:27 PDT 2015
On 24/07/15 14:49, Gary Thomas wrote:
> On 2015-07-24 13:30, Aníbal Limón wrote:
>> Hi Gary,
>>
>> What version of python do you use?.
>>
>> Since 2.7.9 cert checking is enabled by default causing this kind of
>> errors. [1]
>>
>> [1] https://www.python.org/dev/peps/pep-0476/
>>
>> Kind regards,
>> alimon
>
> I'm using the stock python 2.7.9 from Poky/Yocto
> master:901be2cb69892595443ed41ab4be285932db15eb
>
> Is there an answer for this that's a bit less intrusive?
> Perhaps there could be a DISTRO or even IMAGE feature to
> enable/disable this checking?
I don't think that Python guys include a configuration flags to disable
this behavior because it's
the default now due to security issues.
>
> The pep you referenced mostly talks about why this was changed
> and how to disable it - manually within the python code itself.
> What I don't see is where/how/what to change/import to actually
> let the full certificate checking happen.
You can use this code for disable per urlopen call or globally [1].
Regards,
alimon
[1] https://www.python.org/dev/peps/pep-0476/#opting-out
>
>>
>> On 24/07/15 13:02, Gary Thomas wrote:
>>> I was trying to run a simple fetch from python using
>>> url =
>>> 'https://raw.github.com/Itseez/opencv/master/samples/c/fruits.jpg'
>>> filedata = urllib2.urlopen(url).read()
>>>
>>> This failed:
>>> Traceback (most recent call last):
>>> File "./edge.py", line 36, in <module>
>>> filedata = urllib2.urlopen(url).read()
>>> File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
>>> return opener.open(url, data, timeout)
>>> File "/usr/lib/python2.7/urllib2.py", line 431, in open
>>> response = self._open(req, data)
>>> File "/usr/lib/python2.7/urllib2.py", line 449, in _open
>>> '_open', req)
>>> File "/usr/lib/python2.7/urllib2.py", line 409, in _call_chain
>>> result = func(*args)
>>> File "/usr/lib/python2.7/urllib2.py", line 1240, in https_open
>>> context=self._context)
>>> File "/usr/lib/python2.7/urllib2.py", line 1197, in do_open
>>> raise URLError(err)
>>> urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED]
>>> certificate verify failed (_ssl.c:581)>
>>>
>>> I can see that it was looking for some certificates in
>>> /usr/lib/ssl/certs
>>> but that directory is missing.
>>>
>>> Anyone know what I might be missing (or have misconfigured)?
>>>
>>> Thanks
>>>
>
More information about the yocto
mailing list