Nagstamon - Python OpenSSL certificate validation

When I try to connect to my monitoring system with desktop widget Nagstamon, Nagstamon was not able to connect due to SSL certificate validation problem. I’m using certificate from CAcert.org. After a while of hacking I have found this workaround in source code. This is the wrong way:
+ # necessary for Python-2.7.9-ssl-support-fix https://github.com/HenriWahl/Nagstamon/issues/126
+ if sys.version_info >= (2, 7, 9):
+ try:
+ self.https_handler = urllib2.HTTPSHandler(context=ssl._create_unverified_context())
+ except:
+ self.https_handler = urllib2.HTTPSHandler()
+ else:
+ self.https_handler = urllib2.HTTPSHandler()
+
Here is working solution.
mkdir ssl/
cd ssl/
wget -O root.crt http://www.cacert.org/certs/root.crt
for i in *.crt; do \
ln -s $i `openssl x509 -noout -issuer_hash -in $i`.0; \
done
c_rehash . # standard OpenSSL command, see https://www.openssl.org/docs/apps/c_rehash.html
cd .
And now set OpenSSL environent variable to the correct path (where you store CA cert):
Happy monitoring!
Hoping you are using valid OpenSSL certificate. :-)
- Issue on GitHub: https://github.com/HenriWahl/Nagstamon/issues/126
- My pull request: https://github.com/HenriWahl/Nagstamon/pull/134