I'm stuck with an ssl error!?
Upgraded from 19.10 to 20.04 and get this error:
ssl.SSLError: [SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:1108)
It is raised by a python script calling a rest API to oanda.com.
Connecting to the service with Postman or OANDA's java app both work without fault. Also, have the python script running on an RPi OK, after one change, see below!
20.04 - OpenSSL 1.1.1f 31 Mar 2020
RPi - OpenSSL 1.1.1d 10 Sep 2019
The problem was also on the RPi and research found a couple of suggestions to change the setting CipherString = DEFAULT@SECLEVEL=2
to CipherString = DEFAULT@SECLEVEL=1
in the /etc/ssl/openssl.cnf
file. This worked on the RPi but did not work on Ubuntu 20.04.
Any ideas on how to resolve this?
Error report:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 665, in urlopen
httplib_response = self._make_request(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 376, in _make_request
self._validate_conn(conn)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 996, in _validate_conn
conn.connect()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 352, in connect
self.sock = ssl_wrap_socket(
File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 370, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.8/ssl.py", line 500, in wrap_socket
return self.sslsocket_class._create(
File "/usr/lib/python3.8/ssl.py", line 1040, in _create
self.do_handshake()
File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:1108)
I've even downgraded certain python packages without success. The raspbian pi even has earlier versions of everything even python itself. Tried the
/etc/ssl/openssl.cnf
file edits but no dice.I'm really stumped. Pretty certain it's an openssl issue along with the pi version of ubuntu but idk for sure.
– RobHimself Jun 29 '20 at 18:39