Commit ab3b2c3b authored by Julien Muchembled's avatar Julien Muchembled

Workaround waiting that we regenerate more secure certificates

Traceback (most recent call last):
  ...
  File "/usr/lib/python3.7/http/client.py", line 1376, in __init__
    context.load_cert_chain(cert_file, key_file)
ssl.SSLError: [SSL: CA_MD_TOO_WEAK] ca md too weak (_ssl.c:3824)
parent d20a99e3
......@@ -196,9 +196,11 @@ class NetworkcacheClient(object):
connection_kw['cert_file'] = self.config['sha%s-cert-file' % where]
connection_kw['key_file'] = self.config['sha%s-key-file' % where]
if hasattr(ssl, 'create_default_context'):
context = \
connection_kw['context'] = ssl.create_default_context(
cafile=self.config.get('sha%s-ca-file' % where)
)
context.set_ciphers('DEFAULT:@SECLEVEL=1') # XXX
connection = HTTPSConnection(**connection_kw)
else:
connection = HTTPConnection(**connection_kw)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment