请求 Microsoft 图形 API 时出现 SSL 错误
[英]SSL error while doing a request for Microsoft graph api
问题描述
I trying to get integrate Microsoft Graph API into the airflow application docker-compose.
我试图将 Microsoft Graph API 集成到气流应用程序 docker-compose 中。 And I have a self-signed SSL certificate for my domain.我的域有一个自签名 SSL 证书。
following is the sample of DAG (pythonOperator): [I'm using the msal pypi package]以下是 DAG (pythonOperator) 的示例:[我正在使用msal pypi 包]
app_meta = MicrosoftGraphAPI.get()
app = msal.ConfidentialClientApplication(
app_meta['client_id'],
authority=app_meta['authority'],
client_credential=app_meta['client_credential'],
token_cache=None,
)
Error:错误:
WARNING - Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])"))': /d8c857c0-b2da-48fd-9b28-db5792c0d481/v2.0/.well-known/openid-configuration
[2021-06-23 10:19:02,870] {taskinstance.py:1396} ERROR - HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /d8c857c0-b2da-48fd-9b28-db5792c0d481/v2.0/.well-known/openid-configuration (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))
Traceback (most recent call last):
File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 488, in wrap_socket
cnx.do_handshake()
File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1934, in do_handshake
self._raise_ssl_error(self._ssl, result)
File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1671, in _raise_ssl_error
_raise_current_error()
File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 670, in urlopen
httplib_response = self._make_request(
File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 381, in _make_request
self._validate_conn(conn)
File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 978, in _validate_conn
conn.connect()
File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connection.py", line 362, in connect
self.sock = ssl_wrap_socket(
File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/util/ssl_.py", line 386, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 494, in wrap_socket
raise ssl.SSLError("bad handshake: %r" % e)
UPDATE: I don't want to ignore certificate validation.更新:我不想忽略证书验证。 How to fix it如何修复
1 个解决方案
解决方案1
0 2021-06-24 07:24:49
Earlier intermediate CA certificates were optional, but now it is mandatory that you must have all the root and intermediate certificates available in certificate chain.早期的中间 CA 证书是可选的,但现在必须拥有证书链中可用的所有根证书和中间证书。 I also faced this issue while connecting to nuget site for downloading packages, so i installed "BaltimoreCyberTrustRoot" , "Microsoft Azure TLS Issuing CA 01" and "DigiCertGlobalRootG2".我在连接到 nuget 站点下载软件包时也遇到了这个问题,所以我安装了“BaltimoreCyberTrustRoot”、“Microsoft Azure TLS Issuing CA 01”和“DigiCertGlobalRootG2”。 It worked for me.它对我有用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.