Uploaded image for project: 'Python Driver'
  1. Python Driver
  2. PYTHON-2936

Test Failure - test_validation_with_system_ca_certs macOS + pyOpenSSL

    • Type: Icon: Task Task
    • Resolution: Gone away
    • Priority: Icon: Unknown Unknown
    • None
    • Affects Version/s: None
    • Component/s: Tests
    • None

      test_validation_with_system_ca_certs is failing on macOS with pyOpenSSL. Seems like a potential regression in PyOpenSSL or a bug in certifi's bundled certs:

       [2021/10/05 05:20:58.149] ERROR: test_validation_with_system_ca_certs (test_ssl.TestSSL)
       [2021/10/05 05:20:58.149] ----------------------------------------------------------------------
       [2021/10/05 05:20:58.149] Traceback (most recent call last):
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/test/__init__.py", line 551, in wrap
       [2021/10/05 05:20:58.149]     return f(*args, **kwargs)
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/test/__init__.py", line 551, in wrap
       [2021/10/05 05:20:58.149]     return f(*args, **kwargs)
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/test/utils.py", line 803, in wrapper
       [2021/10/05 05:20:58.149]     return wrapped(*args, **kwargs)
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/test/test_ssl.py", line 399, in test_validation_with_system_ca_certs
       [2021/10/05 05:20:58.149]     connected(MongoClient('server',
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/mongo_client.py", line 699, in __init__
       [2021/10/05 05:20:58.149]     self.__options = options = ClientOptions(
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/client_options.py", line 172, in __init__
       [2021/10/05 05:20:58.149]     self.__pool_options = _parse_pool_options(options)
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/client_options.py", line 139, in _parse_pool_options
       [2021/10/05 05:20:58.149]     ssl_context, tls_allow_invalid_hostnames = _parse_ssl_options(options)
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/client_options.py", line 108, in _parse_ssl_options
       [2021/10/05 05:20:58.149]     ctx = get_ssl_context(
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/ssl_support.py", line 82, in get_ssl_context
       [2021/10/05 05:20:58.149]     ctx.load_default_certs()
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/pyopenssl_context.py", line 319, in load_default_certs
       [2021/10/05 05:20:58.149]     self._load_certifi()
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/pyopenssl_context.py", line 287, in _load_certifi
       [2021/10/05 05:20:58.149]     self.load_verify_locations(certifi.where())
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/pyopenssl_context.py", line 282, in load_verify_locations
       [2021/10/05 05:20:58.149]     self._callback_data.trusted_ca_certs = _load_trusted_ca_certs(cafile)
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pymongo/ocsp_support.py", line 79, in _load_trusted_ca_certs
       [2021/10/05 05:20:58.149]     _load_pem_x509_certificate(cert_data, backend))
       [2021/10/05 05:20:58.149]   File "/data/mci/788d2025b647a031a88cee6924ca0960/src/pyopenssltest/lib/python3.9/site-packages/cryptography/x509/base.py", line 436, in load_pem_x509_certificate
       [2021/10/05 05:20:58.149]     return rust_x509.load_pem_x509_certificate(data)
       [2021/10/05 05:20:58.149] ValueError: error parsing asn1 value: ParseError { kind: InvalidValue, location: ["RawCertificate::tbs_cert", "TbsCertificate::serial"] }
      

      https://evergreen.mongodb.com/task/mongo_python_driver_tests_pyopenssl_macOS__platform~macos_1014_auth~auth_ssl~ssl_pyopenssl~enabled_test_latest_replica_set_9cb64775c97a800e2c3a7cf54cb732f95b37332b_21_09_29_23_36_50

            Assignee:
            shane.harvey@mongodb.com Shane Harvey
            Reporter:
            shane.harvey@mongodb.com Shane Harvey
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: