[yocto] Missing certificates
Gary Thomas
gary at mlbassoc.com
Fri Jul 24 13:17:14 PDT 2015
On 2015-07-24 14:09, Christopher Larson wrote:
>
> On Fri, Jul 24, 2015 at 12:49 PM, Gary Thomas <gary at mlbassoc.com <mailto:gary at mlbassoc.com>> wrote:
>
> On 2015-07-24 13:30, Aníbal Limón wrote:
>
> Hi Gary,
>
> What version of python do you use?.
>
> Since 2.7.9 cert checking is enabled by default causing this kind of errors. [1]
>
> [1] https://www.python.org/dev/peps/pep-0476/
>
> Kind regards,
> alimon
>
>
> I'm using the stock python 2.7.9 from Poky/Yocto master:901be2cb69892595443ed41ab4be285932db15eb
>
> Is there an answer for this that's a bit less intrusive?
> Perhaps there could be a DISTRO or even IMAGE feature to
> enable/disable this checking?
>
> The pep you referenced mostly talks about why this was changed
> and how to disable it - manually within the python code itself.
> What I don't see is where/how/what to change/import to actually
> let the full certificate checking happen.
>
>
> I think the better bet is to fix it so it actually finds the certs from ca-certificates rather than bypassing certificate checking, personally, but I can see how that would be a
> useful workaround. :)
I tried this same code on my Ubuntu 15.04 desktop and it looks
like they've disabled it in the main python http[s] code - there
were no certificates examined during the transaction as far as
I could tell (strace is my friend)
I'll see if I can figure out how to stitch this together with our
[Poky/Yocto/OE-core] setup for OpenSSL and ca-certificates.
--
------------------------------------------------------------
Gary Thomas | Consulting for the
MLB Associates | Embedded world
------------------------------------------------------------
More information about the yocto
mailing list