SSL certificates work with Python 2.6.6's smtplib but not with Python 2.7.9

Question

The code is:

import smtplib

SERVER = XXX
PORT = 587
USERNAME = YYY
PASSWORD = ZZZZ
SENDER = 'foo@domain.com'
RECEIVERS = ['bar@anotherdomain.com', ]

CERTFILE = "/path/to/certfile.crt"
KEYFILE = "/path/to/certfile.key"

client = smtplib.SMTP(SERVER, PORT)
client.set_debuglevel(1)
client.ehlo()
client.starttls(keyfile=KEYFILE, certfile=CERTFILE)
client.ehlo()
client.login(USERNAME, PASSWORD)
client.sendmail(SENDER, RECEIVERS, """Subject: XXX

hello world!""")

It works (sends the email) when I use python 2.6.6 but when I use Python 2.7.9 the error it gives is:

[...]
send: 'STARTTLS\r\n'
reply: '220 2.0.0 SMTP server ready\r\n'
reply: retcode (220); Msg: 2.0.0 SMTP server ready
Traceback (most recent call last):
  File "./fbo_test_email.py", line 31, in <module>
    client.starttls(keyfile=KEYFILE, certfile=CERTFILE)
  File "/usr/local/lib/python2.7/smtplib.py", line 649, in starttls
    self.sock = ssl.wrap_socket(self.sock, keyfile, certfile)
  File "/usr/local/lib/python2.7/ssl.py", line 891, in wrap_socket
    ciphers=ciphers)
  File "/usr/local/lib/python2.7/ssl.py", line 509, in __init__
    self._context.load_cert_chain(certfile, keyfile)
ssl.SSLError: [X509: KEY_VALUES_MISMATCH] key values mismatch (_ssl.c:2525)

More information:

the crt file is a RSA private key, the first line is: -----BEGIN RSA PRIVATE KEY-----
the key file's first line is: -----BEGIN CERTIFICATE-----

I can't understand why the certificates are ok for Python 2.6.6's smtplib but not for Python 2.7.9.

Any hints would be appreciated, thanks in advance.

It must be the other way: the keyfile must be the one with the RSA PRIVATE KEY. — Steffen Ullrich, May 20 '15 at 16:29
Steffen, following your advice when I switch the files they don't work neither with Python 2.6 nor Python 2.7 — marcelor, May 20 '15 at 18:01

SSL certificates work with Python 2.6.6's smtplib but not with Python 2.7.9

0 Answers0