I installed the self-signed root ca cert in debian /usr/share/ca-certificates/local and installed them using sudo dpkg-reconfigure ca-certificates . Currently true | gnutls-cli mysite.local true | gnutls-cli mysite.local happy and true | openssl s_client -connect mysite.local:443 true | openssl s_client -connect mysite.local:443 happy, but the python2 and python3 request module insists that it is not happy with the certificate.
python2:
Traceback (most recent call last): File "<string>", line 1, in <module> File "/usr/local/lib/python2.7/site-packages/requests/api.py", line 70, in get return request('get', url, params=params, **kwargs) File "/usr/local/lib/python2.7/site-packages/requests/api.py", line 56, in request return session.request(method=method, url=url, **kwargs) File "/usr/local/lib/python2.7/site-packages/requests/sessions.py", line 488, in request resp = self.send(prep, **send_kwargs) File "/usr/local/lib/python2.7/site-packages/requests/sessions.py", line 609, in send r = adapter.send(request, **kwargs) File "/usr/local/lib/python2.7/site-packages/requests/adapters.py", line 497, in send raise SSLError(e, request=request) requests.exceptions.SSLError: ("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)
python3
Traceback (most recent call last): File "<string>", line 1, in <module> File "/usr/local/bin/python3.5/site-packages/requests/api.py", line 70, in get return request('get', url, params=params, **kwargs) File "/usr/local/bin/python3.5/site-packages/requests/api.py", line 56, in request return session.request(method=method, url=url, **kwargs) File "/usr/local/bin/python3.5/site-packages/requests/sessions.py", line 488, in request resp = self.send(prep, **send_kwargs) File "/usr/local/bin/python3.5/site-packages/requests/sessions.py", line 609, in send r = adapter.send(request, **kwargs) File "/usr/local/bin/python3.5/site-packages/requests/adapters.py", line 497, in send raise SSLError(e, request=request) requests.exceptions.SSLError: ("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)
Why does python ignore the system ca-certificate package and how to integrate it?