[英]ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed, Python sockets, ssl, gmail smtp connect
I want to connect to gmail SMTP server using secure sockets. 我想使用安全套接字连接到Gmail SMTP服务器。 I have downloaded the
mail.google.com.crt
cert file by using my browser - Firefox (I simply opened a gmail.com
page and then exported the certificate using my browser export cert button). 我已经使用浏览器Firefox下载了
mail.google.com.crt
证书文件(我只是打开gmail.com
页面,然后使用浏览器导出证书按钮导出了证书)。
However, its seems that there is a problem, and I do not know why. 但是,似乎有问题,我不知道为什么。 when I changed
mail.google.com.crt
to GeoTrustGlobalCA.pem
(I found it somewhere online) it worked (didnt show the erros). 当我将
mail.google.com.crt
更改为GeoTrustGlobalCA.pem
(我在网上找到它)后,它开始工作了(没有显示错误)。 Am I not understand something here? 我在这里不明白吗?
if __name__ == '__main__':
HOST = 'smtp.gmail.com'
PORT = 465
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((HOST, PORT))
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
context.verify_mode = ssl.CERT_REQUIRED
context.load_verify_locations('mail.google.com.crt')
# check SNI extension
if ssl.HAS_SNI:
secure_sock = context.wrap_socket(sock, server_hostname=HOST)
else:
secure_sock = context.wrap_socket(sock)
cert = secure_sock.getpeercert()
print cert
if not cert or ('commonName', 'smtp.google.com') not in cert['subject'][4]: raise Exception("erroe" )
secure_sock.recv(1024)
secure_sock.close()
sock.close()
context.load_verify_locations('mail.google.com.crt')
Verify locations are expected to contain trusted CA certificates. 验证位置应包含受信任的CA证书。 The server certificate you've specified is no CA certificate.
您指定的服务器证书不是CA证书。 From the documentation :
从文档中 :
Load a set of “certification authority” (CA) certificates used to validate other peers' certificates ...
加载一组用于验证其他对等方证书的“证书颁发机构”(CA)证书...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.