-
Type: Task
-
Resolution: Gone away
-
Priority: Unknown
-
None
-
Affects Version/s: None
-
Component/s: Tests
-
None
-
(copied to CRM)
test_validation_with_system_ca_certs is failing on macOS with pyOpenSSL. Seems like a potential regression in PyOpenSSL or a bug in certifi's bundled certs:
[2021/10/05 05:20:58.149] ERROR: test_validation_with_system_ca_certs (test_ssl.TestSSL) [2021/10/05 05:20:58.149] ---------------------------------------------------------------------- [2021/10/05 05:20:58.149] Traceback (most recent call last): [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/test/__init__.py", line 551, in wrap [2021/10/05 05:20:58.149] return f(*args, **kwargs) [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/test/__init__.py", line 551, in wrap [2021/10/05 05:20:58.149] return f(*args, **kwargs) [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/test/utils.py", line 803, in wrapper [2021/10/05 05:20:58.149] return wrapped(*args, **kwargs) [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/test/test_ssl.py", line 399, in test_validation_with_system_ca_certs [2021/10/05 05:20:58.149] connected(MongoClient('server', [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/mongo_client.py", line 699, in __init__ [2021/10/05 05:20:58.149] self.__options = options = ClientOptions( [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/client_options.py", line 172, in __init__ [2021/10/05 05:20:58.149] self.__pool_options = _parse_pool_options(options) [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/client_options.py", line 139, in _parse_pool_options [2021/10/05 05:20:58.149] ssl_context, tls_allow_invalid_hostnames = _parse_ssl_options(options) [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/client_options.py", line 108, in _parse_ssl_options [2021/10/05 05:20:58.149] ctx = get_ssl_context( [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/ssl_support.py", line 82, in get_ssl_context [2021/10/05 05:20:58.149] ctx.load_default_certs() [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/pyopenssl_context.py", line 319, in load_default_certs [2021/10/05 05:20:58.149] self._load_certifi() [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/pyopenssl_context.py", line 287, in _load_certifi [2021/10/05 05:20:58.149] self.load_verify_locations(certifi.where()) [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/pyopenssl_context.py", line 282, in load_verify_locations [2021/10/05 05:20:58.149] self._callback_data.trusted_ca_certs = _load_trusted_ca_certs(cafile) [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/ocsp_support.py", line 79, in _load_trusted_ca_certs [2021/10/05 05:20:58.149] _load_pem_x509_certificate(cert_data, backend)) [2021/10/05 05:20:58.149] File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pyopenssltest/lib/python3.9/site-packages/cryptography/x509/base.py", line 436, in load_pem_x509_certificate [2021/10/05 05:20:58.149] return rust_x509.load_pem_x509_certificate(data) [2021/10/05 05:20:58.149] ValueError: error parsing asn1 value: ParseError { kind: InvalidValue, location: ["RawCertificate::tbs_cert", "TbsCertificate::serial"] }
- related to
-
PYTHON-2147 OCSP callback should use the verified peer certificate chain to find the cert issuer
- Closed