pychef中的ssl证书验证
[英]ssl certificate verification in pychef
问题描述
I am trying to use python to connect to chef api. 
我正在尝试使用python连接到Chef api。 I am using pychef to connect to chef from python. 我正在使用pychef从python连接到厨师。
Following are the code: 以下是代码:
import chef
with chef.ChefAPI('https://chef-e.xxxx.com:443/organizations/xxxx', '/root/.chef/rajgourav.pem', 'rajgourav'):
n = chef.Node('chef-e.xxxx.com')
I am getting following certificate error: 我收到以下证书错误:
[root@chef-e py]# /appl/python27/bin/python mychef.py
Traceback (most recent call last):
File "mychef.py", line 6, in <module>
n = chef.Node('chef-e.xxxx.com')
File "/appl/python27/lib/python2.7/site-packages/chef/base.py", line 58, in __init__
data = self.api[self.url]
File "/appl/python27/lib/python2.7/site-packages/chef/api.py", line 229, in __getitem__
return self.api_request('GET', path)
File "/appl/python27/lib/python2.7/site-packages/chef/api.py", line 225, in api_request
response = self.request(method, path, headers, data)
File "/appl/python27/lib/python2.7/site-packages/chef/api.py", line 208, in request
response = self._request(method, self.url+path, data, dict((k.capitalize(), v) for k, v in request_headers.iteritems()))
File "/appl/python27/lib/python2.7/site-packages/chef/api.py", line 195, in _request
return urllib2.urlopen(request).read()
File "/appl/python27/lib/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/appl/python27/lib/python2.7/urllib2.py", line 431, in open
response = self._open(req, data)
File "/appl/python27/lib/python2.7/urllib2.py", line 449, in _open
'_open', req)
File "/appl/python27/lib/python2.7/urllib2.py", line 409, in _call_chain
result = func(*args)
File "/appl/python27/lib/python2.7/urllib2.py", line 1240, in https_open
context=self._context)
File "/appl/python27/lib/python2.7/urllib2.py", line 1197, in do_open
raise URLError(err)
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)>
Could you please help me resolve ssl certificate error. 您能帮我解决ssl证书错误吗? I know I have to accept the certificate and add it to trusted certificate list but dont know how to do it in python. 我知道我必须接受证书并将其添加到受信任的证书列表中,但不知道如何在python中进行操作。
PS I am able to work with knife without any issue. PS我可以用刀没有任何问题。
I tried using ssl_verify param but I am getting error : 我尝试使用ssl_verify参数,但出现错误:
TypeError: __init__() got an unexpected keyword argument 'ssl_verify'
from api.py: 来自api.py:
def __init__(self, url, key, client, version='0.10.8', headers={}):
Some info about my env : 有关我的环境的一些信息:
[root@chef-e py]# /appl/python27/bin/python
Python 2.7.10 (default, Aug 8 2015, 06:25:19)
[GCC 4.4.7 20120313 (Red Hat 4.4.7-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import chef
>>> chef.__version__
(0, 2, 3, 'dev')
>>>
Thanks, Rajgourav Jain 谢谢,Rajgourav in那教
1 个解决方案
解决方案1
2 2015-09-18 07:21:13
The __init__ method of ChefAPI has the following signature: ChefAPI的__init__方法具有以下签名:
def __init__(self, url, key, client, version='0.10.8', headers={}, ssl_verify=True):
So obviously, you have to set the parameter ssl_verify to False : 显然,您必须将参数ssl_verify设置为False :
import chef
with chef.ChefAPI(
'https://chef-e.xxxx.com:443/organizations/xxxx',
'/root/.chef/rajgourav.pem',
'rajgourav',
ssl_verify=False):
But indeed, this is still missing in the documentation . 但是确实, 文档中仍然缺少此功能。
EDIT: indeed, this seems to be a change that is not yet released (the v0.2.3 tag does not yet contain this option). 编辑:的确,这似乎是尚未发布的更改( v0.2.3标记尚不包含此选项)。 So either use the source from the master branch or nag the author to push out a new release. 因此,要么使用master分支中的源代码,要么na作者以推出新版本。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.