This issue tracker will soon become read-only and move to GitHub.
For a smoother transition, remember to log in and link your GitHub username to your profile.
For more information, see this post about the migration.

classification
Title: wrap_socket fails when load_cert_chain is called without setting the ciphers
Type: behavior Stage:
Components: SSL Versions: Python 3.8
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: christian.heimes Nosy List: christian.heimes, shreya1312
Priority: normal Keywords:

Created on 2021-10-01 15:51 by shreya1312, last changed 2021-10-01 16:01 by christian.heimes.

Pull Requests
URL Status Linked Edit
PR 28682 open shreya1312, 2021-10-01 15:51
Messages (2)
msg403019 - (view) Author: shreya (shreya1312) * Date: 2021-10-01 15:51
Example:

self.socket = ssl.wrap_socket(socket.socket(self.address_family, self.socket_type),
                                              keyfile=keys, certfile=certs, server_side=True, ciphers="DEFAULT@SECLEVEL=1")

Gives the following exception -

 File "ssl.py", line 1402, in wrap_socket
    context.load_cert_chain(certfile, keyfile)
ssl.SSLError: [SSL: EE_KEY_TOO_SMALL] ee key too small (_ssl.c:4023)
msg403020 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2021-10-01 16:01
The module level function ssl.wrap_socket() is deprecated, dangerous, and should not be used. I strongly recommend that you use SSLContext.
History
Date User Action Args
2021-10-01 16:01:56christian.heimessetmessages: + msg403020
2021-10-01 15:51:56shreya1312create