@SethMichaelLarson
Hi there, I'm seeing a similar issue to the one linked above. The solution in that issue was to upgrade pyOpenSSL, requests, and urllib3 to latest and retry, unfortunately, upgrading to latest hasn't helped me.
I'm running python 3.6 in this case.
python -m pip freeze yields:
address==0.1.1
amqp==1.4.6
anyjson==0.3.3
asn1crypto==0.24.0
astroid==1.4.4
autopep8==1.3.4
billiard==3.3.0.20
certifi==2018.1.18
cffi==1.5.2
chardet==3.0.4
click==6.7
colorama==0.3.7
cryptography==2.2.1
dj-static==0.0.6
Django==1.11.2
django-admin-views==0.7.0
django-bootstrap3==9.0.0
django-common-helpers==0.9.1
django-cron==0.5.0
django-enumfield==1.1.2
django-enumfields==0.8.2
django-extensions==1.7.4
django-floppyforms==1.7.1.dev1
django-ipware==1.1.6
django-localflavor==1.1
django-macros==0.4.0
django-periodically==0.3.0
django-pgfields==1.4.4
django-s3direct==0.4.2
django-user-agents==0.3.0
djangorestframework==3.4.7
djorm-pgarray==1.2
enum34==1.1.6
flake8==3.3.0
fleet==1.4.0
funcsigs==0.4
future==0.16.0
gnureadline==6.3.3
gunicorn==19.0.0
idna==2.1
ipaddress==1.0.16
ipdb==0.8
ipython==2.4.0
itsdangerous==0.24
Jinja2==2.7.2
kombu==3.0.26
lazy-object-proxy==1.2.1
Markdown==2.5.2
MarkupSafe==0.21
mccabe==0.6.1
mock==1.3.0
model-mommy==1.3.0
ndg-httpsclient==0.4.0
oauthlib==0.7.2
pbr==1.8.1
Pillow==2.7.0
probableparsing==0.0.1
psycopg2==2.6.2
pyasn1==0.1.9
pycodestyle==2.3.1
pycparser==2.14
pycrypto==2.6.1
pyflakes==1.5.0
PyJWT==0.3.1
pylint==1.5.4
pyOpenSSL==17.5.0
python-crfsuite==0.9.5
python-keyczar==0.716
python-openid==2.2.5
pytz==2017.2
PyYAML==3.11
raven==5.1.1
requests==2.18.1
requests-oauthlib==0.4.2
six==1.10.0
slackweb==1.0.5
static3==0.5.1
street-address==0.3.0
ua-parser==0.7.2
urllib3==1.22
usaddress==0.5.10
user-agents==1.0.1
Werkzeug==0.9.6
wrapt==1.10.6
xmltodict==0.10.2
Here is some sample code that reproduces the it:
import requests
def get_cert_path(extension):
return '<path_to_cert>/<name_of_cert>.' + extension
response = requests.get(
'https://<url>',
verify=get_cert_path('pem'),
cert=(
get_cert_path('cert'),
get_cert_path('key')
)
)
print(response.status_code)
With all the cert paths and urls in place, I get:
/Users/<user>/.pyenv/versions/uplift/lib/python3.6/site-packages/urllib3/connection.py:344: SubjectAltNameWarning: Certificate for <url> has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 for details.)
SubjectAltNameWarning
200
Any advice you can offer would be much appreciated. Thanks! 馃槃
This isn't a bug. The server you're talking to doesn't provide that field in the certificate it's returning. #497 has all the details as well as when urllib3 will stop actually validating that certificate (given that most browsers no longer support it either).
Can you share the output of openssl s_client -connect host:port
Ah, you're exactly correct, it's not in there. We're good to close this; thanks for your prompt response!
Most helpful comment
This isn't a bug. The server you're talking to doesn't provide that field in the certificate it's returning. #497 has all the details as well as when urllib3 will stop actually validating that certificate (given that most browsers no longer support it either).
Can you share the output of
openssl s_client -connect host:port