<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>I am not able to reproduce using zc.ssl 1.2:</div><div><br></div><div><div>>>> import zc.ssl</div><div>>>> </div><div>>>> conn = zc.ssl.HTTPSConnection("<a href="http://test.authorize.net">test.authorize.net</a>")</div><div>>>> conn.connect()</div><div>>>> conn.request("GET", "/")</div><div>>>> conn.getresponse().status</div><div>200</div><div><br></div><div>>>> conn = zc.ssl.HTTPSConnection("<a href="http://secure.authorize.net">secure.authorize.net</a>")</div><div>>>> conn.connect()</div><div>>>> conn.request("GET", "/")</div><div>>>> conn.getresponse().status</div><div>200</div></div><div><br></div><div>Using zc.ssl's certs.pem file with the requests package works as well; maybe you're running</div><div>into some other issue?</div><div><br></div><div><div>On Jan 25, 2013, at 12:22 PM, Senner, Talin wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">It's that the current certs.pem doesn't contain the updated chain for <a href="http://test.authorize.net/secure.authorize.net">test.authorize.net/secure.authorize.net</a> etc. Using the current will throw an ssl error. <div>
<br></div><div>I've fixed my local instance of this using the local system certificate chain.</div><div><br></div><div>For the future i'll let the developers know that zc.ssl is deprecated.</div><div><div><br></div>
<div>Thanks again.</div><div><br>Talin</div><br><div class="gmail_quote">On Fri, Jan 25, 2013 at 11:16 AM, Jim Fulton <span dir="ltr"><<a href="mailto:jim@zope.com" target="_blank">jim@zope.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On Fri, Jan 25, 2013 at 12:00 PM, Jim Fulton <<a href="mailto:jim@zope.com">jim@zope.com</a>> wrote:<br>
> On Fri, Jan 25, 2013 at 11:22 AM, Senner, Talin <<a href="mailto:senner@wildcardcorp.com">senner@wildcardcorp.com</a>> wrote:<br>
>> Would someone that has access be able to update zc.ssl and release a new<br>
>> version:<br>
>><br>
>> <a href="http://svn.zope.org/zc.ssl/trunk/src/zc/ssl/certs.pem" target="_blank">http://svn.zope.org/zc.ssl/trunk/src/zc/ssl/certs.pem</a><br>
>><br>
>> with a new version of ca root certificates (something say from a latest<br>
>> linux release from /etc/ssl ). The current cert chain is over 5 years old.<br>
<br>
</div>The certificates in zc.ssl haven't changed.<br>
<div class="im"><br>
> I'll take care of this. Note that we (ZC) will likely move to requests and<br>
> stop maintaining zc.ssl.<br>
<br>
</div>There's nothing to do at this point. If you want more root CAs, I suggest<br>
using requests, or forking zc.ssl and adding certs to your fork.<br>
<div class="HOEnZb"><div class="h5"><br>
Jim<br>
<br>
--<br>
Jim Fulton<br>
<a href="http://www.linkedin.com/in/jimfulton" target="_blank">http://www.linkedin.com/in/jimfulton</a><br>
Jerky is better than bacon! <a href="http://zo.pe/Kqm" target="_blank">http://zo.pe/Kqm</a><br>
</div></div></blockquote></div><br></div>
_______________________________________________<br>Zope-Dev maillist - <a href="mailto:Zope-Dev@zope.org">Zope-Dev@zope.org</a><br><a href="https://mail.zope.org/mailman/listinfo/zope-dev">https://mail.zope.org/mailman/listinfo/zope-dev</a><br>** No cross posts or HTML encoding! **<br>(Related lists -<br> https://mail.zope.org/mailman/listinfo/zope-announce<br> https://mail.zope.org/mailman/listinfo/zope )<br></blockquote></div><br></body></html>