[英]How to capture python https traffic in fiddler?
Python throws in errors when ever I try to do some data fetching task.每当我尝试执行某些数据获取任务时,Python 都会出错。 This only happens when I set fiddler to decrypt https traffic.
这只发生在我设置 fiddler 来解密 https 流量时。 I have tried routing python traffic through 127.0.0.1:8888 and same with mozilla inorder to catch its traffic.
我已经尝试通过 127.0.0.1:8888 路由 python 流量,并且与 mozilla 相同,以便捕获其流量。 I also installed the certificate and trusted it via fiddler, I am not sure where I am going wrong.
我还安装了证书并通过 fiddler 信任它,我不确定我哪里出错了。
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='google.com', port=443):
Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: CERTIFIC
ATE_VERIFY_FAILED] certificate verify failed (_ssl.c:748)'),))
This above is the error I get whenever I try to fetch a page with requests.以上是我尝试获取带有请求的页面时遇到的错误。
TL;DR The requests library does not use the windows certificate store, it has it's own one (as per https://bugs.python.org/issue28547 ). TL;DR requests 库不使用 Windows 证书存储,它有自己的一个(根据https://bugs.python.org/issue28547 )。 This means that your fiddler MITM certificate is not available to python requests by default.
这意味着默认情况下,您的提琴手 MITM 证书不可用于 python 请求。
Your options are您的选择是
More details can be found at http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification更多细节可以在http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification找到
On a side note, it does feel a little strange for requests to be using it's own cert bundle, rather than the platform supplied one - especially given all the browsers are happy to use the platform ones.另一方面,请求使用自己的证书包而不是平台提供的证书确实感觉有点奇怪 - 特别是考虑到所有浏览器都乐于使用平台的。
As pointed out by polhemic and Eric Aronesty, for testing purposes, you can set temporarily "CURL_CA_BUNDLE" to an empty string.正如 polhemic 和 Eric Aronesty 所指出的,出于测试目的,您可以暂时将“CURL_CA_BUNDLE”设置为空字符串。
import os
os.environ['CURL_CA_BUNDLE'] = ''
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.