堆栈内存溢出
  简体   繁体   English

使用带有代理的 SSL 证书的 Python 错误

[英]Python error using SSL certificate with proxy

 原文  2017-09-01 00:13:56       python/ ssl/ python-requests/ ssl-certificate

问题描述

I am accessing an https page through a proxy:我正在通过代理访问 https 页面:

    def read_page(self,url):
    '''
    Gets web page using proxy and returns beautifulsoup object
    '''
    soup = None
    try:
        r = requests.get(url, proxies=PROXIES, auth=PROXY_AUTH,
             cert = ('../static/crawlera-ca.crt'), verify=False,allow_redirects=False)
    except requests.exceptions.MissingSchema:
        return False

    if r.status_code == 200:
        soup = bs4.BeautifulSoup(r.text, "html.parser")
        if soup:
            return soup
    return False

I am passing " https://www.bestbuy.com " as the url.我通过“ https://www.bestbuy.com ”作为网址。 I get this error:我收到此错误:

requests.exceptions.SSLError: HTTPSConnectionPool(host='www.bestbuy.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(336265225, '[SSL] PEM lib (_ssl.c:2964)'),))

When I remove the cert = ('../static/crawlera-ca.crt') argument, the program accesses the site successfully giving me an 'InsecureRequestWarning', which is expected.当我删除cert = ('../static/crawlera-ca.crt')参数时,程序成功访问该站点,并给我一个“InsecureRequestWarning”,这是预期的。 But I don't understand why the other error happens.但我不明白为什么会发生另一个错误。 The certificate file is in the right place in my folder hierarchy, and was downloaded from the proxy service, so I know it's right.证书文件在我的文件夹层次结构中的正确位置,并且是从代理服务下载的,所以我知道它是正确的。

The easy option would be to just not use the certificate and suppress the security warning, but I want to do it properly.简单的选择是不使用证书并取消安全警告,但我想正确地做到这一点。 Can anyone explain what is going on and how I can fix it?任何人都可以解释发生了什么以及我如何解决它?

1 个解决方案

解决方案1
 2 已采纳  2017-09-01 05:47:39

I think you misunderstood the meaning of the cert parameter.我认为您误解了cert参数的含义。 This is not the (list of) trusted CA you seem to think but this parameter is for the client certificate you use to authenticate yourself against the server.这不是您似乎认为的(列表)受信任 CA,但此参数用于您用来针对服务器进行身份验证的客户端证书。 And, such a certificate for authentication also requires a matching private key.而且,这种用于身份验证的证书还需要匹配的私钥。

Given that it works without this parameter the server obviously does not need a client certificate from you (which is uncommon anyway).鉴于它在没有此参数的情况下工作,服务器显然不需要您的客户端证书(无论如何这并不常见)。 You've probably meant instead to use ../static/crawlera-ca.crt as the list of trusted CA for certificate validation instead.您可能打算使用../static/crawlera-ca.crt作为证书验证的可信 CA 列表。 In this case you should not use the cert parameter but use the verify parameter like this:在这种情况下,您不应使用cert参数,而应使用如下所示的verify参数:

  r = requests.get(url, proxies=PROXIES, auth=PROXY_AUTH,
         verify = '../static/crawlera-ca.crt', 
         allow_redirects=False)

For more information see the documentation of cert parameter and how to use it in authentication with client certificates and how to use verify in server certificate validation.有关更多信息,请参阅cert 参数文档以及如何在客户端证书身份验证中使用它以及如何在服务器证书验证中使用 verify

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在 python ssl 中使用自我证书验证时出错 - getting error using self certificate verification in python ssl python pip 安装给出 ssl 证书错误 - python pip install gives ssl Certificate error Python请求模块中的SSL证书错误,但VBA中没有 - SSL certificate error in Python requests module, but not in VBA python请求SSL错误(证书验证失败) - python Requests SSL ERROR (certificate verify failed) Python SSL错误CERTIFICATE_VERIFY_FAILED - Python SSL error CERTIFICATE_VERIFY_FAILED Python 请求 SSL 错误 - 证书验证失败 - Python requests SSL error - certificate verify failed Python SSL套接字证书验证失败错误 - Python SSL Socket Certificate Verify Failed Error 使用python中的SSL证书访问安全的网站 - Accessing secured website using SSL certificate in python 使用python自签名证书的ssl - ssl with self signed certificate using python 如何使用python获取ssl证书详细信息 - how to get ssl certificate details using python
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM