Python请求模块中的SSLError模块
问题描述:
我想从我的客户端使用从server生成的证书向服务器进行身份验证。我有一个server-ca.crt,下面是正在工作的CURL命令。如何使用发送类似请求python请求模块。Python请求模块中的SSLError模块
$ curl -X GET -u sat_username:sat_password \
-H "Accept:application/json" --cacert katello-server-ca.crt \
https://satellite6.example.com/katello/api/organizations
我试过下面的方法,它得到一些例外,有人可以帮助解决这个问题。
python requestsCert.py
Traceback (most recent call last):
File "requestsCert.py", line 2, in <module>
res=requests.get('https://satellite6.example.com/katello/api/organizations', cert='/certificateTests/katello-server-ca.crt', verify=True)
File "/usr/lib/python2.7/site-packages/requests/api.py", line 68, in get
return request('get', url, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/api.py", line 50, in request
response = session.request(method=method, url=url, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 464, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 431, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL] PEM lib (_ssl.c:2554)
答
res=requests.get('https://...', cert='/certificateTests/katello-server-ca.crt', verify=True)
的cert
论点requests.get
用于指定应该用于相互认证的客户端证书和密钥。它不用于指定受信任的CA,因为curl中的--cacert
参数确实如此。相反,你应该使用verify
参数:
res=requests.get('https://...', verify='/certificateTests/katello-server-ca.crt')
欲了解更多信息,请参阅SSL Cert Verification和Client Side Certificates文档中的requests
。
密切相关:https://*.com/questions/30109449/what-does-sslerror-ssl-pem-lib-ssl-c2532-mean-using-the-python-ssl-libr但我不是肯定这是重复的,因为在这个问题中,错误在'request'代码中引发,而在另一个问题中,'requests'没有涉及。 –