Httpie: "SSLError: hostname <x> doesn't match <y>" - but Curl/Chrome don't report SSL issues?
I'm attempting to use httpie with the JIRA REST API.
The command fails with an "SSLError: hostname
bash-3.2$ http https://jira.mongodb.org/rest/api/2/search?jql=assignee=bob
http: error: SSLError: hostname 'jira.mongodb.org' doesn't match either of '*.mongodb.com', 'mongodb.com'
My understanding is that requests should normally throw up that error if the SSL certificate isn't valid. The message seems to imply that the cert is for *.mongodb.com, which jira.mongodb.org wouldn't fall under.
However, the same command works fine via CuRL, with no SSL warnings:
bash-3.2$ curl -v https://jira.mongodb.org/rest/api/2/search?jql=assignee=free
* Adding handle: conn: 0x7fbe2b003a00
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fbe2b003a00) send_pipe: 1, recv_pipe: 0
* About to connect() to jira.mongodb.org port 443 (#0)
* Trying 54.221.213.229...
* Connected to jira.mongodb.org (54.221.213.229) port 443 (#0)
* TLS 1.1 connection using TLS_RSA_WITH_AES_256_CBC_SHA
* Server certificate: jira.mongodb.org
* Server certificate: Go Daddy Secure Certification Authority
* Server certificate: Go Daddy Class 2 Certification Authority
> GET /rest/api/2/search?jql=assignee=free HTTP/1.1
> User-Agent: curl/7.30.0
> Host: jira.mongodb.org
> Accept: */*
>
< HTTP/1.1 200 OK
* Server Apache-Coyote/1.1 is not blacklisted
< Server: Apache-Coyote/1.1
< Vary: Accept-Encoding
< Cache-Control: no-cache, no-store, no-transform
< Content-Type: application/json;charset=UTF-8
< Date: Fri, 26 Sep 2014 02:14:22 GMT
< X-AREQUESTID: 134x54195573x2
< Transfer-Encoding: chunked
< X-AUSERNAME: anonymous
< Set-Cookie: atlassian.xsrf.token=ASGJ-NC06-6R0X-EKH7|4d65065ad638afb4fe7edb9b04e81379cc315e06|lout; Path=/
<
* Connection #0 to host jira.mongodb.org left intact
{"startAt":0,"maxResults":50,"total":0,"issues":[]}
Furthermore, it also loads up fine in my browser (Chrome), and no SSL warnings are give.
Any thoughts on what might be going on please?
victorhooi
All 4 comments
This has to do with SNI. You need to install extra dependencies which you'll get if you do 'pip install requests[security]'
Sent from my Android device with K-9 Mail. Please excuse my brevity.
sigmavirus24
on 26 Sep 2014
Having the same problem but the only way I can get a request to work is if I set verify to False. I tried upgrading requests and installing requests[security] and even setting verify to the cert file.
Craiting
on 21 Mar 2017
I was having this problem as well. I needed to upgrade requests[security] and httpie:
pip install --upgrade requests[security]
pip install --upgrade httpie
NuSkooler
on 11 Jul 2017
These errors should be gone in newer HTTPie versions which rely on Python 3.6+.
jakubroztocil
on 23 May 2020
Related issues
sensibleish
·
3Comments
tonsV2
·
4Comments
ghost
·
5Comments
k0pernikus
·
3Comments
chuma
·
3Comments
Most helpful comment
This has to do with SNI. You need to install extra dependencies which you'll get if you do 'pip install requests[security]'
Sent from my Android device with K-9 Mail. Please excuse my brevity.