I am trying to use connect to another party using Python 3 asyncio module and get this error:
36 sslcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
---> 37 sslcontext.load_cert_chain(cert, keyfile=ca_cert)
38
SSLError: [SSL] PEM lib (_ssl.c:2532)
The question is just what the error mean. My certificate is correct, the keyfile (CA certificate) might not.
Assuming that version 3.6 is being used:
See: https://github.com/python/cpython/blob/3.6/Modules/_ssl.c#L3523-L3534
PySSL_BEGIN_ALLOW_THREADS_S(pw_info.thread_state);
r = SSL_CTX_check_private_key(self->ctx);
PySSL_END_ALLOW_THREADS_S(pw_info.thread_state);
if (r != 1) {
_setSSLError(NULL, 0, __FILE__, __LINE__);
goto error;
}
What it is saying is that SSL_CTX_check_private_key failed; thus, the private key is not correct.
Reference to the likely version: