堆栈内存溢出
  简体   繁体   English

AppEngine本地开发服务器上的Braintree SDK SSLCertificateError

[英]Braintree SDK SSLCertificateError on AppEngine local dev server

 原文  2017-11-20 09:48:49       python/ google-app-engine/ braintree/ braintree-sandbox

问题描述

The use of Braintree SDK under my local dev_appserver.py is returning following error on braintree.ClientToken.generate() : 在我的本地dev_appserver.py下使用Braintree SDKBraintree.ClientToken.generate braintree.ClientToken.generate()上返回以下错误: 

SSLError: SSLCertificateError:
Invalid and/or missing SSL certificate for URL:  
https://api.sandbox.braintreegateway.com:443/merchants/<merchant_id>/client_token

I am using the requests_toolbelt at the start of my server: 我在服务器启动时使用了requests_toolbelt 

# Make requests work in GAE
import requests
from requests_toolbelt.adapters import appengine
appengine.monkeypatch()

Explicitly excluding SSL Validation doesn't work either (returns with the same error message): 明确排除SSL验证也不起作用(返回相同的错误消息): 

appengine.monkeypatch(validate_certificate=False)

In fact, without requests_toolbelt , the error I get when calling .generate() is: 事实上,如果没有requests_toolbelt ,错误,我得到的时候调用.generate()是: 

ProtocolError('Connection aborted.', error(13, 'Permission denied'))

I also tried the hack in the main.py of braintree-python-appengine project but I get the same SSL error message back. 我还尝试了braintree-python-appengine项目的main.py中的hack,但是我得到了相同的SSL错误消息。

My dev environment: 我的开发环境:

  • MacOSX 10.11.6 MacOSX 10.11.6
  • gcloud app Python Extensions 1.9.63 gcloud app Python扩展1.9.63
  • Python 2.7.10 Python 2.7.10
  • requests==2.18.4 要求== 2.18.4
  • braintree==3.39.0 Braintree == 3.39.0
  • Flask==0.12.2 烧瓶== 0.12.2

Note: 注意:

  1. Once deployed to Google App Engine, I get the client token back without any problem 部署到Google App Engine后,我可以毫无问题地获得客户端令牌
  2. Directly use of requests on https://www.braintreepayments.com/ returns 200 without any errors 直接在https://www.braintreepayments.com/上使用requests将返回200,没有任何错误

1 个解决方案

解决方案1
 1 已采纳  2017-11-20 12:40:05

Braintree support kindly replied to my inquiry with (on 2017-11-20): Braintree支持人员于(2017-11-20)回复了我的询问:

The error you're receiving is generally related to the SSL/TLS protocols being used when your app is run; 您收到的错误通常与应用程序运行时使用的SSL / TLS协议有关; our sandbox environment requires connections to be made via TLS 1.2, a requirement that does not yet apply to production. 我们的沙盒环境要求通过TLS 1.2建立连接,该要求尚未应用于生产。

From review, it appears that the protocols being used when the app is deployed locally are not valid for our environment. 经审查,看来在本地部署应用程序时使用的协议对我们的环境无效。 If the app settings are localised within the Google App Engine, that may be the cause of the issue; 如果应用设置在Google App Engine中进行了本地化,则可能是造成此问题的原因; Python uses the system-supplied OpenSSL, and TLSv1.2 requires OpenSSL 1.0.1c or later. Python使用系统提供的OpenSSL,而TLSv1.2需要OpenSSL 1.0.1c或更高版本。

So the root cause is my version of Python which uses an older version of OpenSSL: 因此,根本原因是我的Python版本使用了较旧的OpenSSL版本: 

$ python --version
Python 2.7.10

$ python
>> import ssl
>> ssl.OPENSSL_VERSION
>> 'OpenSSL 0.9.8zh 14 Jan 2016'

The solution is to upgrade my version of python via brew: 解决方案是通过brew升级我的python版本: 

$ brew install python
$ python2 --version
Python 2.7.14

$ python2
>> import ssl
>> ssl.OPENSSL_VERSION
>> 'OpenSSL 1.0.2m  2 Nov 2017'

Then, launching my dev server using newly installed python solves the SSLCertificateError : 然后,使用新安装的python启动我的开发服务器即可解决SSLCertificateError 

python2 $appserver_path/dev_appserver.py ...

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在本地开发服务器上的Google Appengine后端日志记录 - Google Appengine backend logging on local dev server AppEngine功能可在本地开发服务器上使用,但不能在实时Web服务器上使用 - AppEngine feature working in local dev server but not on live web server 有没有办法对本地appengine开发服务器强制执行30秒限制? - is there any way to enforce the 30 seconds limit on local appengine dev server? AppEngine Paypal集成使用Python在localhost上提供SSLCertificateError - AppEngine Paypal integration giving SSLCertificateError on localhost, using Python 升级到appengine dev server 1.7.6后导入simplejson时出错 - Error importing simplejson after upgrading to appengine dev server 1.7.6 python运行时中Appengine开发服务器上的模块初始化错误 - Module initialization error on appengine dev server in python runtime ImportError:无法使用AppEngine开发服务器导入名称SignedJwtAssertionCredentials - ImportError: cannot import name SignedJwtAssertionCredentials using AppEngine dev server 在appengine上查询datetime.datetime的行为与开发服务器的帮助不同! - Querying datetime.datetime on appengine acts different then dev server help! 无法在dev_server上运行appengine-admin - cannot run appengine-admin on dev_server 如何在Google Appengine python SDK 1.8.1中迁移本地数据存储 - how to migrate local datastore in google appengine python SDK 1.8.1
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM