SSL Errors in Different Programming Languages
SSL Errors in Different Programming Languages
Each programming language handles SSL/TLS differently, with varying default behaviors and configuration options. Development often requires disabling certificate validation, while production demands strict security.
Python SSL handling:
import requests
import ssl
import urllib3
# Development: Disable warnings (NEVER in production)
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
# Skip verification (development only)
response = requests.get('https://self-signed.local', verify=False)
# Production: Custom CA bundle
response = requests.get('https://internal-ca.company.com',
verify='/path/to/ca-bundle.crt')
# Advanced SSL configuration
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.poolmanager import PoolManager
class SSLAdapter(HTTPAdapter):
def init_poolmanager(self, *args, **kwargs):
context = ssl.create_default_context()
context.check_hostname = False
context.verify_mode = ssl.CERT_REQUIRED
context.load_verify_locations('/path/to/ca.crt')
kwargs['ssl_context'] = context
return super().init_poolmanager(*args, **kwargs)
session = requests.Session()
session.mount('https://', SSLAdapter())
Node.js SSL handling:
const https = require('https');
const fs = require('fs');
// Development: Ignore self-signed certificates
process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0;
// Production: Custom CA
const options = {
hostname: 'api.example.com',
port: 443,
path: '/endpoint',
method: 'GET',
ca: fs.readFileSync('ca-cert.pem'),
cert: fs.readFileSync('client-cert.pem'),
key: fs.readFileSync('client-key.pem'),
rejectUnauthorized: true
};
const req = https.request(options, (res) => {
console.log('statusCode:', res.statusCode);
});
// Handle certificate errors
req.on('error', (e) => {
if (e.code === 'UNABLE_TO_VERIFY_LEAF_SIGNATURE') {
console.error('Certificate verification failed');
}
});