[英]what does this ssl error in python mean?
I have the following simple python code, which is intended to perform an ssl handshake and validate certificates between a client and server: 我有以下简单的python代码,旨在执行ssl握手并验证客户端和服务器之间的证书:
ssl_test.py: ssl_test.py:
import ssl
import socket
s = socket.socket()
print "connecting..."
#logging.debug("Connecting")
# Connect with SSL mutual authentication
# We only trust our server's CA, and it only trusts user certificates signed by it
c = ssl.wrap_socket(s, cert_reqs=ssl.CERT_REQUIRED,
ssl_version=ssl.PROTOCOL_SSLv3, ca_certs='ca.crt',
certfile='user.crt', keyfile='user.key')
c.connect((constants.server_addr, constants.port))
When I execute this, I get the following error. 执行此操作时,出现以下错误。
>python ssl_test.py
Traceback (most recent call last):
File "ssl_test.py", line 12, in <module>
c.connect(('192.168.1.82', 7070))
File "C:\Python27\lib\ssl.py", line 331, in connect
self._real_connect(addr, False)
File "C:\Python27\lib\ssl.py", line 314, in _real_connect
self.ca_certs, self.ciphers)
ssl.SSLError: [Errno 0] _ssl.c:340: error:00000000:lib(0):func(0):reason(0)
What does this error mean, and how do I resolve it? 此错误是什么意思,我该如何解决?
This looks like http://bugs.python.org/issue2687 , where the following answer is given: 看起来像http://bugs.python.org/issue2687 ,给出了以下答案:
No, the problem is with your "ca_certs" argument on the client side.
不,问题出在客户端的“ ca_certs”参数上。 You can't use a directory.
您不能使用目录。 You must use a file containing a number of concatenated certificates.
您必须使用包含许多串联证书的文件。 I'll beef up the documentation to make that clearer.
我将整理文档以使内容更清楚。
I see that your ca_certs
is a file, not a directory, but perhaps this still sheds some light. 我看到您的
ca_certs
是文件,而不是目录,但是也许仍然可以ca_certs
。 Is the ca.crt file validly formatted and in the right place? ca.crt文件的格式正确且位置正确吗?
I am new to Python and ended up on this trail after doing a search for the original ssl.SSLError. 我是Python的新手,在搜索原始ssl.SSLError之后最终进入了这条路。 I know this doesn't help the original poster, but it may help others with this error.
我知道这对原始海报没有帮助,但可能会帮助其他人解决此错误。 Most of the Python examples use:
大多数Python示例使用:
ca_certs="/etc/ca_certs_file"
Since this file doesn't exist, you get this error. 由于此文件不存在,因此会出现此错误。 To use the system CA certificates on most recent versions of Linux use:
要在最新版本的Linux上使用系统CA证书,请使用:
ca_certs="/etc/ssl/certs/ca-certificates.crt"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.