堆栈内存溢出
  简体   繁体   English

检索时自签名 SSL 证书更改

[英]Self-Signed SSL Certificate Changes Upon Retrieval

 原文  2019-03-22 22:03:01       python/ ssl/ flask/ google-cloud-platform

问题描述

I have a very simple flask HTTPS server running using a self-signed certificate on a google compute instance.我有一个非常简单的 Flask HTTPS 服务器,它在 google 计算实例上使用自签名证书运行。 Here is the code for the server:这是服务器的代码:

from flask import Flask
app = Flask(__name__)

with open("test_certificate.pem",'r') as inputFile:
    print(inputFile.read())

if __name__=="__main__":
    app.run(ssl_context=("test_certificate.pem", "test_key.pem"), 
        debug=True, host="0.0.0.0", port=443)

When I start the server I receive the following output:当我启动服务器时,我收到以下输出:

-----BEGIN CERTIFICATE-----
MIID7DCCAtSgAwIBAgIJANdrMgD+3bUnMA0GCSqGSIb3DQEBCwUAMIGKMQswCQYD
VQQGEwJVUzELMAkGA1UECAwCUEExFTATBgNVBAcMDFBoaWxhZGVscGhpYTEKMAgG
A1UECgwBQTERMA8GA1UECwwIYXNkZmF3ZWYxFzAVBgNVBAMMDjM1LjIzMS4xMTAu
MTQ5MR8wHQYJKoZIhvcNAQkBFhBhc2RmYXNAZ21haWwuY29tMB4XDTE5MDMyMjIw
NTcyM1oXDTIwMDMyMTIwNTcyM1owgYoxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJQ
QTEVMBMGA1UEBwwMUGhpbGFkZWxwaGlhMQowCAYDVQQKDAFBMREwDwYDVQQLDAhh
c2RmYXdlZjEXMBUGA1UEAwwOMzUuMjMxLjExMC4xNDkxHzAdBgkqhkiG9w0BCQEW
EGFzZGZhc0BnbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCl16hzFOqYQozHh4G46oY32HP59LgfbT7hGyAcYPC3jt42jiKa9Yfpa8JaaZrm
xWagPNZG73xqyejMoaLKEPbZc650e+mwNuVoer2ic2CZIKp5iVy0si85ecxAkFYR
3RF+eDCqL8kT5gLbfj8knq3PQtVp2AmNlnN8c3cV6It5XJMUoPyfGdCGzphzVha+
XBpWJ25pWmezB38lTZpBdeZx2KDTDNpbtxsmtxy52IHQ/HXCnlW8bSbvhFvTn0IH
q3vOJnKG7GNOiOtyi+i6bSg0QxbQAhN5xVVB3Qq6i5yaIFTz/1Wedr4FpvbJqShZ
wf5lt4PxSaO6hDXbnWOgiiW3AgMBAAGjUzBRMB0GA1UdDgQWBBSs3T312Qv3r7QN
bs/duHyQrvO9RTAfBgNVHSMEGDAWgBSs3T312Qv3r7QNbs/duHyQrvO9RTAPBgNV
HRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBLcpXBcafyR2SRa6jDDnwt
rDxr4aKnC6C99JPmrpBS6aD5+LrCUn6eY7B0MS5/+EoBEWxMtRoCW6MpBKdaOgPw
1etjfoYICPTvkvnIJRn3re1ziV54wSaXWlATTCoJ9Cjg8daHk7RS5JFr9T13iRwR
dzbAx6/dAFur6mmVcH5yD+qSJWSIBq/EpOjy4xWt1Pqu7oClzGLCStsR4sAIg0+T
gQIwxy9pMukxZOCzER9Ega+Wnac/CpA9pNUs+ayMebjo9ZVnq95vBzy87UMptvz9
W00TV+NN/zbnV24gmnOTWla4x8ylxxhq+7bYImZjnwinMe3FCIcZA350dcuOZI8n
-----END CERTIFICATE-----

I was having issues sending HTTPS requests (I was receiving SSL "bad handshake" errors), so I executed the following code to see what the certificate was that was being returned:我在发送 HTTPS 请求时遇到问题(我收到 SSL“握手错误”错误),所以我执行了以下代码以查看返回的证书是什么:

import ssl 

serverSSL = ssl.get_server_certificate(('20.42.490.329',443))
print(serverSSL)
with open(VERIFY_PATH, 'w') as outputFile:
    outputFile.write(serverSSL)

This code outputs the following:此代码输出以下内容:

-----BEGIN CERTIFICATE-----
MIIDmDCCAoCgAwIBAgIJT8O3F1rTZQgnMA0GCSqGSIb3DQEBCwUAMFgxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJQQTEVMBMGA1UEBxMMUEhJTEFERUxQSElBMQ0wCwYD
VQQKEwRVUEhTMRYwFAYDVQQDFA1VUEhTX0ZJUkVXQUxMMB4XDTE5MDMyMjIwNTcy
M1oXDTIwMDMyMTIwNTcyM1owgYoxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJQQTEV
MBMGA1UEBwwMUGhpbGFkZWxwaGlhMQowCAYDVQQKDAFBMREwDwYDVQQLDAhhc2Rm
YXdlZjEXMBUGA1UEAwwOMzUuMjMxLjExMC4xNDkxHzAdBgkqhkiG9w0BCQEWEGFz
ZGZhc0BnbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3
Bd7d0ty9wbw8G+ongIs6Ezy0njO0JLulMNV/SVnBg+V0yHfCy0emA4JXyHTw+LfX
fQcQeiv0znXUFNnl+i2T0vQuPb2U99wbj+c/MEsiP+H9NRDWzgYgQTat/nGZv31l
grH4+IJSYVuQ/iKquSseKrQRJzDQes1BbuA8hNoD2iIuV2hIPzXMUOEbBExXoAF8
U8M0UMWUrvsCYrzf/qJlg+jciUqhXiRc3SomIxrs6P7J/LJHl+xWFsUflWgzoxDn
NCYaf3nCGi55cqWbstJytvtDoDqS3+HoYeCLz3ab/HCGMiTPJOtLi/nLMhkCZy2U
bowedqlFX6C7wIG/rczTAgMBAAGjMjAwMB0GA1UdDgQWBBSs3T312Qv3r7QNbs/d
uHyQrvO9RTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBtgJZ3
dQMV36kXDKKEBEV04RTFD6XrKhEx0/TRyiCzuCG05GtF0efbA0pz18uDMNYla70i
R4n/KWTRjbJ8aVvQwYvT7vCgTzHtM0lPwIiZYzssvlaauBEiZCBYAEV1hFEK53A2
eqUmDGul7x9w4IO0800pC8vkdxL6UGa6i/cEp4xXZca+A4Ukhoq+I8sENPTiBIy1
FT+wWgz8d7V65wM+r9pe4OvUubLJ4qHwKBGRGCOAh5SeluKIL1L8sSul3MKOr+Cj
t5mHuGsjXTyIjB3nYkW94tBkFiRvEYRKtvoDOo5wm8v4g/GGSZtDlNLtq7523J3n
maGrCR2AQw4PA5i3
-----END CERTIFICATE-----

Why do these certificates not match?为什么这些证书不匹配? I am assuming this is why I am getting the bad handshake error.我假设这就是我收到错误握手错误的原因。 Any suggestions are much appreciated任何建议都非常感谢

1 个解决方案

解决方案1
 0  2021-02-24 19:05:39

Ok, so you are using invalid certificates, and the reason why the file changes every time is that you are corrupting it.好的,所以您使用的是无效证书,并且每次文件都更改的原因是您正在破坏它。

This is what I use to get a TRUSTED certificate that most browsers can use: https://certbot.eff.org/instructions .这是我用来获得大多数浏览器可以使用的受信任证书的方法: https://certbot.eff.org/instructions : https://certbot.eff.org/instructions Comment and tell me if this works for you.评论并告诉我这是否适合您。

Tho, if you really want to test this, just use Tho,如果你真的想测试这个,只需使用

if __name__ == "__main__":
    app.run(ssl_context='adhoc')

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用自签名证书将Metro应用连接到Python SSL服务器 - Connect a Metro app to a Python SSL server with a self-signed certificate 如何使用自签名 ssl 证书运行 Aiogram webhook? - How to run Aiogram webhook with self-signed ssl certificate? 如何让 PyC​​harm 接受我的自签名 SSL 证书? - How to let PyCharm accept my self-signed SSL certificate? Python,OpenSSL:自签名证书生成 - Python, OpenSSL: self-signed certificate generation 自定义Web服务器和自签名证书 - Custom web server & self-signed certificate 使用PyMongo进行自签名SSL连接 - Self-signed SSL connection using PyMongo 如何删除在AWS ubuntu服务器中创建的自签名SSL证书 - How to remove the self-signed SSL certificate created in AWS ubuntu server 应用程序无法在运行Debian的BeagleBone Black上验证SSL自签名证书 - Application fails to verify SSL self-signed certificate on a BeagleBone Black running Debian 如何允许 python 信任我服务器的 TLS 自签名证书:ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] 证书验证失败 - How to allow python to trust my server's TLS self-signed certificate: ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed 如何使用自签名证书限制访问? - How to restrict access by using a self-signed certificate?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM