I've been working on a Python discord bot and wanted to containerize it, which has worked pretty well, but while testing one of the features (bot -> open API) via HTTPS using the http3 package and I'm getting the following error:
ssl.SSLError: Cannot create a client socket with a PROTOCOL_TLS_SERVER context (_ssl.c:811)
I've read various articles and tutorials online but they either seem to half answer my question or partially relate to other applications altogether, such as configuring Nginx, which I think is just muddying the water a little.
So far I've encountered people mentioning to create and move some certs and one answer saying to include --network host into the Dockerfile, but it doesn't seem like there is any issue with the network connectivity itself.
I was tempted to just change the request URL to use HTTP instead as there's no credentials or sensitive data being transmitted but would feel a lot more comfortable knowing it's using HTTPS instead.
My Dockerfile is as below (note: I added the RUN apt-get update ... block after my investigations hoping that would generate a certificate and the error would magically clear up but that's not the case).
FROM python:3.10-bullseye
COPY requirements.txt /app/
COPY ./bot/ /app
RUN apt-get update \
&& apt-get install openssl \
&& apt-get install ca-certificates
RUN update-ca-certificates
WORKDIR /app
RUN pip install -r requirements.txt
COPY . .
CMD ["python3", "-u", "v1.py"]
I tried a little bit basic of diagnostics through the container like checking the directories for certs and trying to curl to a HTTPS URL.
Update: perhaps it's a bug in the package but out of curiosity I swapped the REST API client implementation out to use asyncio and aiohttp instead of http3 and retried the request and it works perfectly so yeah, I guess if anyone encounters the same thing - try that instead