Python-如何解决 ssl.SSLError: [SSL: CA_MD_TOO_WEAK]

Question

I've got a huge problem with authorization of my API request. I'm using python 3.10. For setting up the client I have code as follows:

from zeep import exceptions, helpers
from requests import Session
from zeep.transports import Transport
from zeep import Client

def login(register):
.......
elif register == 'XXX':
  authTok = '' #only for coherence
  wsdl_path = r"path_to_my_wsdl.wsdl"
  url = urllib.parse.urljoin('file:', urllib.request.pathname2url(os.path.abspath(wsdl_path)))
  session = Session()
  session.verify = False
  session.cert = (r'path_to_my_cert.pem')
  client = Client(wsdl=url, transport=Transport(session=session))
return client, authTok

Then I used code below to get the client:

client, authTok = login('XXX')
search = {}
search['sort'] = {'sort_att': 'number',
                  'sort_asc': 'True'}
search['criterion'] = {'search_range': 'RP', 'id': '123456789'}

No error till this step. And finally I've tried to send my request like this: r = client.service.searchcompany(params=search)

Here I got error like this:

ssl.SSLError: [SSL: CA_MD_TOO_WEAK] ca md too weak (_ssl.c:3862)

With openssl I've generated new cert:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out mycert.pem -sha256 -days 365 -nodes

As the output I've received two files: key.pem and mycert.pem. With command certifi.where() I found location of my file cacert.pem and pasted into it the content of file mycert.pem.

Unfortunately the error still occurs. Could anybody explain what I'm doing wrong?

Answer 1

In my case it was helpful to downgrade the version of python to 3.8.8. That solved my error.