I would first try to generate a new certificate on one of the failing systems and make sure it's key length is the max (2048 i think). The python standard libraries disabled handshake's with key lengths shorter than 1024 (i believe that theres a bug where it actually only works with 2048 key lengths) a few years ago; version i think was somewhere around 2.6.9 or so.
You may also need to add to the default cipher list as i mentioned in my post above. I believe the order maters.
During my troubleshooting i has also installed the following packages, though i cant confirm if they contributed to my success:
pip install requests[security] urllib3
As a fall back, i have a python 2.6.6 install that i use to verify its not something more than the cert. Hope that helps.
Thanks. While adding that entry around line 433 in NaServer.py did the tricky for me.
It seems like its skipping the certificate validation altogether. I have a signed certificate and cannot get it work on my 7mode system.
The reason why I think its skipping cert validation is because I have wildcard based certificate and the connection goes through successfully irrespective of using fqdn or cname.
On a cdot system though, it works like a charm ( without having to make any edits to NaServer.py). When I connect using fqdn instead of cname to a cdot system, it throws a error saying invalid matching name for the certificate ( This error goes away when line 433 is added which again proves the fact that cert validation is disabled when that line is added).