堆栈内存溢出
  简体   繁体   English

使用Python请求信任自签名证书

[英]Trusting self signed certificate with Python requests

 原文  2014-08-06 01:52:33       python/ apache/ ssl/ python-requests

问题描述

My apache ssl conf has the following configs 我的apache ssl conf有以下配置 

#   Server Certificate:
SSLCertificateFile /etc/pki/tls/certs/localhost.crt

#   Server Private Key:
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

I do not have the CA certificates for this server. 我没有此服务器的CA证书。 Can I still install the localhost.crt into my clients to successfully verify my server? 我是否仍然可以将localhost.crt安装到我的客户端以成功验证我的服务器?

On the client: I am using Python requests library (2.2.1). 在客户端:我正在使用Python请求库(2.2.1)。 The default CA BUNDLE path is used. 使用默认的CA BUNDLE路径。 Even when I add the localhost.crt to the cacert.pem in the default path, I am unable to see the verification go through. 即使我将localhost.crt添加到默认路径中的cacert.pem,我也无法看到验证通过。 I see the exception: 我看到了例外情况: 

    File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
SSLError: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Am I doing anything wrong? 我做错了吗? Should I only add the CA who signed the localhost.crt in the server? 我应该只在服务器中添加签署localhost.crt的CA吗?

Thanks, Vijay 谢谢,维杰

1 个解决方案

解决方案1
 2  2016-03-13 11:55:06

If you provided code and be more clear on what you're doing then you'd get a good answer. 如果你提供了代码并且更清楚你正在做什么,那么你会得到一个很好的答案。

If you want don't want to get the error even if you use an invalid certificate then try the verify=False attribute. 如果您希望即使使用无效证书也不想收到错误,请尝试使用verify=False属性。

>>> requests.get('https://kennethreitz.com', verify=False)

If you want to use a custom certificate, then place the certificate in the script folder and use the cert=('/path/client.cert', '/path/client.key') argument. 如果要使用自定义证书,请将证书放在脚本文件夹中,并使用cert=('/path/client.cert', '/path/client.key')参数。

>>> requests.get('https://kennethreitz.com', cert=('/path/client.cert', '/path/client.key')) . >>> requests.get('https://kennethreitz.com', cert=('/path/client.cert', '/path/client.key'))

For more info read the docs.python-requests.org/en/master/user/advanced/ site 有关详细信息,请阅读docs.python-requests.org/en/master/user/advanced/网站

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在 Python 中使用带有自签名证书的请求时,证书验证失败 - Certificate Verify Failed when using Requests in Python with a self signed certificate 如何使用Python请求使用密码对自签名证书进行身份验证 - How to authenticate self signed certificate with password using Python requests 如何获得 Python 请求以信任自签名 SSL 证书? - How to get Python requests to trust a self signed SSL certificate? Python 请求:[SSL: CERTIFICATE_VERIFY_FAILED] 证书验证失败:自签名证书 - Python requests: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate 如何使用 Python3 请求信任 badssl.com 的自签名证书 - How to trust self signed certificate of badssl.com with Python3 requests 确定SSL证书是否使用Python自签名 - Determine if SSL certificate is self signed using Python 带有 Python SSL 插座的自签名证书 - Self signed Certificate with Python SSL socket Python,OpenSSL:自签名证书生成 - Python, OpenSSL: self-signed certificate generation 使用python自签名证书的ssl - ssl with self signed certificate using python Python 和请求的自签名 CA 验证错误 - Self signed CA verification error with Python and Requests
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM