SSLError when making SSL requests using python's `requests` library

[0atman]

When I requests a HTTPS url with python's requests library, I get this SSLError:

Traceback (most recent call last):
  File "/bin/run-hook-python", line 26, in <module>
    exec code
  File "<string>", line 12, in <module>
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 88, in post
    return request('post', url, data=data, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 44, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 455, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 558, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
requests.exceptions.SSLError: [Errno 185090050] _ssl.c:344: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib

The way to fix this, for the moment, is to not verify certs when making a SSL request[1]:

requests.get('https://example.com', verify=False)

However, this shouldn't be a long-term solution. I think that the requests library can't find/doesn't have perms to access cert information. See [1] for details.

[1] http://stackoverflow.com/questions/24973326/requests-exceptions-sslerror-errno-185090050

[Marak]

@0atman -

Good catch!

All hook services are run in a fairly restricted chroot environment. Most likely it's just missing the file.

I think if we copy the cert into the jail it might work. If not it looks like we can also set the REQUESTS_CA_BUNDLE environment variable.

I'll log into the server in the next day or so and see if I can get requests to work with HTTPS.

Could you provide a test hook showing the issue? That would help in getting this to work.

Thanks!

[0atman]

Test hook written! it tries to print https://api.github.com https://hook.io/0atman/ssl