I'm getting an error when connecting to www.mydomain.com using Python 2.7.12, on a fairly new machine that uses Windows 8.1. The error is SSL: CERTIFICATE_VERIFY_FAILED on the ssl_sock.connect line of the code below. The code wraps an SSL connection in an context, and specifies I don't want to carry out certificate verification:
ssl._create_default_https_context = ssl._create_unverified_context
s_ = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
context.verify_mode = ssl.CERT_NONE
context.check_hostname = True
context.load_default_certs()
ssl_sock = context.wrap_socket(s_, server_hostname=myurl)
ssl_sock.connect((myurl, int(myportno)))
I've tried adding the plain text version of the security certificate from the server I'm trying to connect to, to the default certificate file that Python references - that didn't work (in any case, it doesn't make sense that I should need to do this)
When I browse to the domain I'm trying to connect to, the browser also doesn't trust the remote server certificate, however I've examined the certificate that's bound to the domain and it's validating fine. What could be causing the mistrust? (I'm currently investigating removal of a Windows security patch from the machine where I'm getting the error, to see if that could be the cause)
(this issue has occurred on other computers using the same code, however it seems to resolve after Windows retrieves a full set of updates. The machine where the problem is persisting also has a full set of updates however)
