course_list fails using https with self-signed certificate

Operating system

Linux

`nbgrader --version`

0.6.0

`jupyterhub --version` (if used with JupyterHub)

N/A

`jupyter notebook --version`

6.0.1

Expected behavior

Able to load "course_list" tab in notebook home page

Actual behavior

Tab fails to load with messages about SSL Certificate not being valid

Steps to reproduce the behavior

Having followed the instructions here: https://jupyter-notebook.readthedocs.io/en/stable/public_server.html , specifically those under "Using SSL for encrypted communication", I run a jupyter notebook server on a remote machine and log into it by name over https (rather than by token to localhost). This relies on a self-signed ssl certificate not registered with any CA: for external security I am relying on the fact that network firewall means the machine is inaccessible from outside, so this is not a big worry.

As of the previous version of nbgrader (I was on 0.5.5) this was fine. In the new version, there is a problem fetching the new course list. In check_for_local_formgrader in nbgrader/server_extensions/course_list/handlers.py the code tries to use tornado to connect to the local formgrader: url = base_url + "/formgrader/api/status" header = {"Authorization": "token {}".format(self.token)} http_client = AsyncHTTPClient() try: response = yield http_client.fetch(url, headers=header)

This fails for the above security settings, with a message of the form: WARNING:tornado.general:SSL Error on 16 ('137.205.125.41', 8888): [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:841)

The relevant keys are present in c.NotebookApp.keyfile and c.NotebookApp.certfile as defined in .jupyter/jupyter_notebook_config.py but they do not seem to be getting passed on to this request to tornado.

I have tried but failed to work out if there are any global settings related to ssl certificates used by tornado that I can change.

jupyter / nbgrader