Exception 'One or more parameters passed to a function were not valid.' #205
Description
I'm using truststore on macOS.
I get the following exception when my application tries to verify the peer certificates:
ssl.SSLError: (b'One or more parameters passed to a function were not valid.',)
The stack trace indicates that this happens on the call to Security.SecTrustCreateWithCertificates:
Traceback (most recent call last):
File "<path>/.venv/lib/python3.12/site-packages/kombu/connection.py", line 474, in _reraise_as_library_errors
yield
File "<path>/.venv/lib/python3.12/site-packages/kombu/connection.py", line 461, in _ensure_connection
return retry_over_time(
^^^^^^^^^^^^^^^^
File "<path>/.venv/lib/python3.12/site-packages/kombu/utils/functional.py", line 318, in retry_over_time
return fun(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^
File "<path>/.venv/lib/python3.12/site-packages/kombu/connection.py", line 941, in _connection_factory
self._connection = self._establish_connection()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<path>/.venv/lib/python3.12/site-packages/kombu/connection.py", line 863, in _establish_connection
conn = self.transport.establish_connection()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<path>/.venv/lib/python3.12/site-packages/kombu/transport/pyamqp.py", line 203, in establish_connection
conn.connect()
File "<path>/.venv/lib/python3.12/site-packages/amqp/connection.py", line 324, in connect
self.transport.connect()
File "<path>/.venv/lib/python3.12/site-packages/amqp/transport.py", line 133, in connect
self._init_socket(
File "<path>/.venv/lib/python3.12/site-packages/amqp/transport.py", line 212, in _init_socket
self._setup_transport()
File "<path>/.venv/lib/python3.12/site-packages/amqp/transport.py", line 406, in _setup_transport
self.sock = self._wrap_socket(self.sock, **self.sslopts)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<path>/.venv/lib/python3.12/site-packages/amqp/transport.py", line 415, in _wrap_socket
return self._wrap_socket_sni(sock, **sslopts)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<path>/.venv/lib/python3.12/site-packages/amqp/transport.py", line 559, in _wrap_socket_sni
sock = context.wrap_socket(**opts)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<path>/.venv/lib/python3.12/site-packages/pip/_vendor/truststore/_api.py", line 130, in wrap_socket
_verify_peercerts(ssl_sock, server_hostname=server_hostname)
File "<path>/.venv/lib/python3.12/site-packages/pip/_vendor/truststore/_api.py", line 339, in _verify_peercerts
_verify_peercerts_impl(
File "<path>/.venv/lib/python3.12/site-packages/pip/_vendor/truststore/_macos.py", line 428, in _verify_peercerts_impl
Security.SecTrustCreateWithCertificates(
File "<path>/.venv/lib/python3.12/site-packages/pip/_vendor/truststore/_macos.py", line 273, in _handle_osstatus
raise ssl.SSLError(message)
ssl.SSLError: (b'One or more parameters passed to a function were not valid.',)
I verified the (PEM) certificate using openssl x509 and when I put a few debug statements before Security.SecTrustCreateWithCertificates I see that cert_chain contains my custom certificate.
I'm not sure how I can perform further validation.