I have a Python program which makes requests using httplib/http.client. It works beautifully in Python 2.7. Both Python2 and Python3 work 100% of the time with http. However, the program fails for some of our named servers using https from Python3.
We have Python 3.9.6 on OS X and Python 3.8.5 on AWS linux.
We have Python 2.7.18 AWS linux.
Here is the specific error I get:
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for '{server name}'. (_ssl.c:1123)
Our IT department uses a wildcard cert for all our named servers in our Dev Cloud. I've double checked. The cert on the server where I'm getting the error matches the cert on a server where the connection from Python3 works.
Here's my code for importing the httplib module:
if PY_VERSION >= 3:
import http.client as httplib
else:
import httplib
and for the connection function:
if self.protocol == 'http':
self.httpConn = httplib.HTTPConnection
elif self.protocol == 'https':
self.httpConn = httplib.HTTPSConnection
and for the connection:
if self.protocol == 'https':
self.ssl_context = ssl.create_default_context()
self.the_conn = self.httpConn(self.site)
What changed from Python2 to Python3 that I can make a successful https connection from Python2, but from Python3 it fails?
As an aside, I tried a different program which uses the requests module and it can communicate with the troublesome server. Unfortunately, that is not a viable solution in this case because requests does not exist in Python2 and I need this program to work for all Python installations.