-
Notifications
You must be signed in to change notification settings - Fork 233
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ssl.SSLError: [SSL: CA_MD_TOO_WEAK] ca md too weak (_ssl.c:3816) #129
Comments
got the same problem. As far as I understand it, the certificate, that is shipped with this tool, is doesn't satisfy modern openssl minimum requirements. Solution: downgrade your openssl version to 1.0.1 or older and restart the tool. Works fine then. |
I know it's much better to use another certificate but sometimes there is no choise:
I know it's very rude solution. Use it as start point |
@matthias-mo workaround could be a solution, but downgrading it on my systems requires a lot of dependant packages to be updated as well. I tried the 'ugly' solution from @kai3341 by adding these lines on the
A more permanent solution wouldn't be to update the |
Having the same issue as described in the initial thread, when running it from the repository and on linux. Wasn't able to proceed at all. Any help would be appreciated. Downgrading is not an option, because of many packages having dependencies with Using one of the packed released binaries for Windows it worked fine. |
I got as far as @fedjo by replacing the contents of |
Can you try replacing the certificate with this file? localtest.me.pem.txt (remove the .txt extension) |
Yields the same error. Also, when I struggled with this initially a few days ago, I poked around a bit with In the end I installed Ubuntu 14.04 on a USB stick and put a modern Python 3 on there using Conda. That worked, but it is kind of inconvenient to boot into an entirely different OS :) |
Which linux distribution are you using? |
Debian unstable, probably not the best for reproduceability 😬 |
This should be fixed now. |
I can confirm that it works now. Awesome, thank you! |
Thanks @ma1co |
For me with new certificate still the same problem: |
You can use a Fedora 28 Live System. It has Python 3.6 (new enough) and openssl 1.1.0h (old enough) to work. Only thing you need to install is python3-tkinter and the dependencies via pip3 install -r requirements.txt. |
In 9ab9dbe, I have switched to tlslite-ng, now it should defininitely be fixed. |
There is a problem with the provided certificate and up to date openssl versions.
The camera switches correctly and waits for the app.
Output of openssl version:
OpenSSL 1.1.1a 20 Nov 2018
The text was updated successfully, but these errors were encountered: