[英]OpenSSL error - RestClient Gem - Python WSGI
I'm struggling on a SSL issue. 我正在努力解决SSL问题。 I'm trying to connect to a Web server for a Python application but each time I execute a request, I have this error :
我正在尝试为Python应用程序连接到Web服务器,但是每次执行请求时,都会出现此错误:
RestClient::SSLCertificateNotVerified: SSL_connect returned=1 errno=0 state=error: certificate verify failed:
The python code to launch the server is as so : 启动服务器的python代码如下:
http_server = WSGIServer(('', int(port)), app, log=nylas_logger, handler_class=NylasWSGIHandler, http_server = WSGIServer(('',int(port)),app,log = nylas_logger,handler_class = NylasWSGIHandler,
keyfile='/vagrant/server.key', certfile='/vagrant/server.crt') keyfile ='/ vagrant / server.key',certfile ='/ vagrant / server.crt')
rvm osx-ssl-certs update all
rvm osx-ssl-certs update all
The most surprising is that I actually can perform requests on another type of server using the same certificates so it seems the issue may be with the Python web server. 最令人惊讶的是,我实际上可以使用相同的证书在另一种类型的服务器上执行请求,因此看来问题可能出在Python Web服务器上。
It turns out the gevent.pywsgi server did not handle the SSL certificate correctly. 事实证明,gevent.pywsgi服务器未正确处理SSL证书。 I installed Nginx and did a reverse proxy on the localhost Python gevent.pywsgi server and did the SSL handling on the Nginx part and it worked instantly.
我安装了Nginx,并在本地Python gevent.pywsgi服务器上进行了反向代理,并在Nginx部分进行了SSL处理,它立即起作用。
For information, my nginx conf : 有关信息,请参阅我的nginx conf:
server{
listen 80;
return 301 https://$host$request_uri;
}
server{
listen 443;
server_name subdomain.domain.com;
ssl on;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/cert.key;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proro $scheme;
proxy_pass http://localhost:5555;
proxy_read_timeout 90;
proxy_pass_request_headers on;
proxy_redirect http://localhost:5555 https://subdomain.domain.com;
}
}
And I restricted the python server to listen only to localhost requests. 而且我将python服务器限制为仅侦听localhost请求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.