NOTICE: This version of the NSF Unidata web site (archive.unidata.ucar.edu) is no longer being updated.
Current content can be found at unidata.ucar.edu.
To learn about what's going on, see About the Archive Site.
NOTICE: This version of the NSF Unidata web site (archive.unidata.ucar.edu) is no longer being updated.
Current content can be found at unidata.ucar.edu.
To learn about what's going on, see About the Archive Site.
Hi, I've never tried to deal with this before, but this stack overflow answer might be helpful? https://stackoverflow.com/questions/71603314/ssl-error-unsafe-legacy-renegotiation-disabled Good luck! Ryan On Fri, Jun 24, 2022 at 3:51 PM Ken Harris <kjh@xxxxxxxxxxx> wrote: > Peeps : > > Not exactly a python issue, but I'm looking for a python based work around > : > > If I try to get data from nomads.ncep.noaa.gov, I get an error message : > > error:0A000152:SSL routines::unsafe legacy renegotiation disabled > > I've encountered this because Fedora recently moved to "OpenSSL 3.0", > which disables SSL_OP_LEGACY_SERVER_CONNECT > > You can see this (on a machine running OpenSSL 3.0) by doing : > > ncdump -h > http://nomads.ncep.noaa.gov/dods/gfs_1p00/gfs20220624/gfs_1p00_00z > > ... or by running the attached python code. > > This is because the nomads.ncep.noaa.gov GrADS server doesn't do RFC > 5746 (so this might be nomads admin issue ... or GrADS server problem, > but I suspect this would take a long time to upgrade). > > You can see also this by doing : > > openssl s_client -connect nomads.ncep.noaa.gov:443 > > ... and noticing : "Secure Renegotiation IS NOT supported" > > This can be worked around by creating an OpenSSL config file and > setting "Options = UnsafeLegacyRenegotiation" and then setting > OPENSSL_CONF to this config file, but that's a bit ugly. It would be > nice to just set UnsafeLegacyRenegotiation for nomads, but I don't see > how to do that. > > But I'm looking for a python workaround that I can put in my code > (that will work w/ netcdf & xarray). > > Thanks, > Ken > _______________________________________________ > NOTE: All exchanges posted to Unidata maintained email lists are > recorded in the Unidata inquiry tracking system and made publicly > available through the web. Users who post to any of the lists we > maintain are reminded to remove any personal information that they > do not want to be made public. > > > python-users mailing list > python-users@xxxxxxxxxxxxxxxx > For list information, to unsubscribe, or change your membership options, > visit: https://www.unidata.ucar.edu/mailing_lists/ > -- Ryan May Unidata Deputy Director UCAR Boulder, CO
python-users archives: