search

dlanger / inlinestyler

A simple CSS inliner for generating HTML email messages.
http://pypi.python.org/pypi/inlinestyler
BSD 3-Clause "New" or "Revised" License
114 stars 23 forks source link

SSLError 'bad handshake' #16

Open uolter opened 8 years ago

uolter commented 8 years ago

I'm getting this fetching a css from anazon cloudfront

44 venv/local/lib/python2.7/site-packages/inlinestyler/converter.py in perform raise IOError('The stylesheet ' + element.get("href") + ' could not be found') ...

If I curl the url causing the issue straight from the machine everything is fine. Even with openssl: openssl s_client -connect d1q7usoul9xakv.cloudfront.net:443 -CApath /etc/ssl/certs/ Start Time: 144489408 Timeout : 300 (sec) Verify return code: 0 (ok)

I fixed the issue with a hack, but I don't think is perfect: In converter.py

Before css_content = requests.get(csspath).text

After: css_content = requests.get(csspath, verify=False).text

Can you please let me know if there is a better way to sort out this issue?

dlanger commented 8 years ago

If I had to guess, you're having the same issue which caused #18 - there's something wrong with your root certificate store (for whatever reason, requests isn't seeing the root certificate for CloudFront).

Could you try doing this from a command line (with the right URL), where you'd normally run the script:

python -c "import requests; print requests.get('http://YOUR_URL_HERE')"

and tell me what it returns?

uolter commented 8 years ago

Thank you Daniel for coming back to me.

You are right it's the exact same issue since Arvid is a colleague of mine. He just better formalized the hack I put in our staging environment.

If this is the solution it would be better to disable the ssh handshake with a configuration inside the django settings.py file.

Anyway, I would prefer to understand why the certificate it's no more valid. We'll see......

Thanks,

Walter Traspadini

On 21/10/2015 16:52, Daniel Langer wrote:

If I had to guess, you're having the same issue which caused #18 https://github.com/dlanger/inlinestyler/pull/18 - there's something wrong with your root certificate store (for whatever reason, |requests| isn't seeing the root certificate for CloudFront).

Could you try doing this from a command line (with the right URL), where you'd normally run the script:

|python -c "import requests; print requests.get('http://YOUR_URL_HERE')"|

and tell me what it returns?

— Reply to this email directly or view it on GitHub https://github.com/dlanger/inlinestyler/issues/16#issuecomment-149921893.

dlanger commented 8 years ago

I'm not crazy about adding an option to disable SSL certificate checking, but I'll consider it if we can't fix this otherwise. Is the production server where you're running this on Windows, Mac, or Linux?