OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]

[VicTangg]

Hi,

Thank you for the library. I wrote a piece of codes on Repl and that works very well. However, when I run the same piece of code on my machine, the error stated in the title occurs... The different I notice is that OpenSSL on local machine is 1.0.2 and on the Repl is 1.0.1. May I know what else may cause this kind of issue? Thank you!

Yours, Victor

[vog]

Unfortunately, OpenSSL error messages are often not very detailed. Among all possible errors, there are 2 or 3 typical messages that occur in "almost every" error case, making that error messages only useful for a first guess but not much more.

In your specific case, the problem may or may not be related to the PKCS12 client certificate. It could as well be related to the server certificate and/or the local trust chains used for verifying. Especially in the latter case, you might have more luck asking at the requests library project.

Regarding this tiny requests_pkcs12 library, there's actually just one thing you can try:

• Just for testing, convert your PKCS#12 client certificate to a (passwordless) PEM file, e.g. using the openssl command line tool.
• Then use requests directly without requests_pkcs12 using the cert parameter.

This is not meant to be a permanent solution. requests_pkcs12 is specifically designed so you don't need that kind of dirty workarounds. But this will help you for debugging, as you can see if your problem is related to requests_pkcs12 or not. In the latter case, you could then go directly to the requests or PyOpenSSL projects, which have bigger communities, and ask there.

[vog]

This issue is several months old, so I assume you were able to solve your problem on your own. I'm closing this issue for now. If this problem still exists, feel free to reopen this issue and provide further details.