disable default certificate verification in python 2.7.9

I think another way to disable certificate verification could be:

import xmlrpclib
import ssl

s=ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
s.verify_mode=ssl.CERT_NONE

test=xmlrpclib.Server('https://admin:bz15h9v9n@localhost:9999/API',verbose=0,context=s)

It's possible to disable verification using the public ssl APIs existing on Python 2.7.9+:

import xmlrpclib
import ssl

ssl_ctx = ssl.create_default_context()
ssl_ctx.check_hostname = False
ssl_ctx.verify_mode = ssl.CERT_NONE
test = xmlrpclib.ServerProxy('https://admin:bz15h9v9n@localhost:9999/API',
                             verbose=False, use_datetime=True, 
                             context=ssl_ctx)
test.list_satellites()

You have to provide an unverified SSL context, constructed by hand or using the private function _create_unverified_context() from ssl module:

import xmlrpclib
import ssl

test = xmlrpclib.ServerProxy('https://admin:bz15h9v9n@localhost:9999/API',
                             verbose=False, use_datetime=True, 
                             context=ssl._create_unverified_context())
test.list_satellites()

Note: this code only works with python >= 2.7.9 (contextparameter was added in Python 2.7.9)

If you want to have a code compatible with previous Python version, you have to use the transport parameter:

import xmlrpclib
import ssl

context = hasattr(ssl, '_create_unverified_context') and ssl._create_unverified_context() \
          or None
test = xmlrpclib.ServerProxy('https://admin:bz15h9v9n@localhost:9999/API',
                             verbose=False, use_datetime=True, 
                             transport=xmlrpclib.SafeTransport(use_datetime=True, 
                                                               context=context))
test.list_satellites()

disable default certificate verification in python 2.7.9

Tags:

Python

Ssl

Related

Recent Posts