feedvalidator icon indicating copy to clipboard operation
feedvalidator copied to clipboard
verified publisher icon rubys

Run FeedValidator with Python >= 2.7.9 to support SNI with TLS connections

Open josephw opened this issue 9 years ago • 3 comments

When the FeedValidator tries to validate a site using SNI it fails with this error:

urllib2.URLError: <urlopen error [Errno 1] _ssl.c:504: error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 unrecognized name>

Fixing this requires (only) a Python upgrade to 2.7.9- see PEP-466) (or 3).

When running under Python 2.7.9, #28 causes the tests to fail. More significantly, Dreamhost's /usr/bin/python is currently 2.7.3

josephw avatar Jan 03 '17 11:01 josephw

More generally, I believe the upgrade fixes other SSL issues. See this mailing list search for other users having problems.

josephw avatar Jan 03 '17 11:01 josephw

The upgrade also adds support for TLS 1.2. Lack of this leads to:

error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error

which is common as more sites disable older TLS versions for security reasons.

josephw avatar Jan 03 '17 11:01 josephw

Just wanted to add that this affects all sites deployed with AWS CloudFront. I have a static blog generated by Hugo and hosted on CloudFront with SSL (https://cloudywindows.com).

There is also a very impactful knock on effect - since many "top blog sites" and feed services use feedvalidator to ensure a basic feed quality level, this is also blocking me from submitting to many valuable traffic generation sites. (e.g. alltop.com)

FYI - my site gets straight A's from https://www.ssllabs.com/ssltest/

DarwinJS avatar Mar 25 '17 12:03 DarwinJS