64
votes

UPDATE: Please, if anyone can help: Google is waiting for inputs and examples of this problem on their bug tracking tool. If you have reproducible steps for this issue, please share them on: https://code.google.com/p/googleappengine/issues/detail?id=10937

I'm trying to fetch data from the StackExchange API using a Google App Engine backend. As you may know, some of StackExchange's APIs are site-specific, requiring developers to run queries against every site the user is registered in.

So, here's my backend code for fetching timeline data from these sites. The feed_info_site variable holds the StackExchange site name (such as 'security', 'serverfault', etc.).

    data = json.loads(urllib.urlopen("%sme/timeline?%s" % 
        (self.API_BASE_URL, urllib.urlencode({"pagesize": 100, 
        "fromdate": se_since_timestamp, "filter": "!9WWBR
        (nmw", "site": feed_info_site, "access_token": 
    decrypt(self.API_ACCESS_TOKEN_SECRET, self.access_token), "key": 
self.API_APP_KEY}))).read())
for item in data['items']:
    ... # code for parsing timeline items

When running this query on all sites except Stack Overflow, everything works OK. What's weird is, when the feed_info_site variable is set to 'stackoverflow', I get the following error from Google App Engine:

    HTTPException: Invalid and/or missing SSL certificate for URL: 
https://api.stackexchange.com/2.2/me/timeline?
filter=%219WWBR%28nmw&access_token=
    <ACCESS_TOKEN_REMOVED>&fromdate=1&pagesize=100&key=
<API_KEY_REMOVED>&site=stackoverflow

Of course, if I run the same query in Safari, I get the JSON results I'm expecting from the API. So the problem really lies in Google's URLfetch service. I found several topics here on Stack Overflow related to similar HTTPS/SSL exceptions, but no accepted answer solved my problems. I tried removing cacerts.txt files. I also tried making the call with validate_certificate=False, with no success.

I think the problem is not strictly related to HTTPS/SSL. If so, how would you explain that changing a single API parameter would make the request to fail?

2
Might have been fixed by Google since v1.9.7 but I have to check for it. code.google.com/p/googleappengine/issues/detail?id=10937 - Romain
I am having a very similar problem, but when visiting browserid.org/verify Anyone who has feedback, it'd be much appreciated! It'd be great to know how to do this without disabling SSL certificates. - John Zeller
Well my particular problem was solved by replacing browserid.org/verify with verifier.login.persona.org/verify - John Zeller
Wondering if you already looked for anything in the response headers. - bhantol
Are you still using urllib.open directly or the urlfetch.fetch API? I have experienced situations where urlfetch must have done some extra magic underneath the covers because it worked and urllib didn't. - dlebech

2 Answers

1
votes
  1. Wait for the next update to the app engine (scheduled one soon) then update.
  2. Replace browserid.org/verify with another service (verifier.loogin.persona.org/verify is a good service hosted by Mozilla what could be used)
  3. Make sure cacerts.txt doesnt exist (looks like you have sorted but just in-case :-) )
  4. Attempt again Good luck! -Brendan
0
votes

I was facing the same error, google has updated the app engine now, error resolved, please check the updated docs.