3

I searched everywhere but seems like it is only my problem or everyone else using bypass which I don't want. So I'am getting access denied to windows certificate store. When I access from python cmd everything is ok. My site in IIS is set for Administrator credentials and application catalog also have Administrator rights. There is similar problem on stack and I had looked into it but my case seems different and I don't want to use unverified context for obvious reasons.

I'm stuck and don't understand what's going on. Any help?

(Windows server 2012 r2, django 1.8, python 2.7.9, IIS 8.5)

conn = httplib.HTTPSConnection(PAYPAL_LIVE_HOST, context=ssl._create_default_https_context())

    Traceback (most recent call last):
  File "c:\Python27\lib\site-packages\django\core\handlers\base.py", line 132, in get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "c:\Python27\lib\site-packages\django\contrib\auth\decorators.py", line 22, in _wrapped_view
    return view_func(request, *args, **kwargs)
  File "C:\inetpub\vhosts\sgtmarkets.com\rails\SGTMarketsBO\website\views\finance\deposit.py", line 77, in paypal
    conn = httplib.HTTPSConnection(PAYPAL_LIVE_HOST, context=ssl._create_default_https_context())
  File "c:\Python27\lib\ssl.py", line 427, in create_default_context
    context.load_default_certs(purpose)
  File "c:\Python27\lib\ssl.py", line 378, in load_default_certs
    self._load_windows_store_certs(storename, purpose)
  File "c:\Python27\lib\ssl.py", line 365, in _load_windows_store_certs
    for cert, encoding, trust in enum_certificates(storename):
WindowsError: [Error 5] Access is denied
rifle2000
  • 371
  • 2
  • 8
  • So anyone? Or maybe user who voted down my question will write an answer cause if he voted down it's so easy that I didn't do any research or work on my own to resolve the problem. – rifle2000 Nov 24 '15 at 14:09

2 Answers2

6

I know this is an old post, but I was able to solve this by going to Application Pools in IIS, selecting the application pool my Django app was running in, go to Advanced Settings, click the three dots button next to ApplicationPoolIdentity (at least that was the built-in account that was the default for me), and then change it to NetworkService account.

0xDECAFBAD
  • 154
  • 1
  • 10
  • Thanks. I was fighting with this long time. I would never have thought about the application pool identity... – rifle2000 Mar 30 '17 at 14:15
  • Pool Identity in my case had the rights already as a member of IIS_WPG. So switching to Network Service and recycling did not help. – sherdim Dec 03 '17 at 09:52
  • For me this is the only answer that helped! Thank you so much. This a quick fix indeed! – Code Cooker Mar 06 '22 at 15:57
0

I had the same problem and solved it with the 'request' module instead 'httplib'

khwinter
  • 1