stackoom
  简体   繁体   中英

How to use TLS 1.0 with Python 3.8?

 原文  2020-06-10 14:39:28       python-3.x/ ssl/ openssl/ jira/ urllib3

Question

I have a code that connects with Jira using jira module.
Unfortunately Jira server only supports SSLv3 and TLS1 .
I know they are old protocols , host will accept new ones before the end of this year.
But until there I need my python code to connect on Jira using TLS1 .

With Python 3.6 it worked fine, but with Python 3.8 it doesn't work, it shows me the error message below.

Python 3.8.2 (default, Apr 27 2020, 15:53:34) 
[GCC 9.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from jira import JIRA
>>> import urllib3
>>> urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
>>> 
>>> options = {"server": "https://jira.mycompany.com/", "verify": False}
>>> jira = JIRA(options, auth=("user", "pass"))
WARNING:root:HTTPSConnectionPool(host='jira.mycompany.com', port=443): Max retries exceeded with url: /rest/auth/1/session (Caused by SSLError(SSLError(1, '[SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1108)'))) while doing POST https://jira.mycompany.com/rest/auth/1/session [{'data': '{"username": "user", "password": "pass"}', 'headers': {'User-Agent': 'python-requests/2.23.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json,*.*;q=0.9', 'Connection': 'keep-alive', 'Cache-Control': 'no-cache', 'Content-Type': 'application/json', 'X-Atlassian-Token': 'no-check'}}]
WARNING:root:Got ConnectionError [HTTPSConnectionPool(host='jira.mycompany.com', port=443): Max retries exceeded with url: /rest/auth/1/session (Caused by SSLError(SSLError(1, '[SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1108)')))] errno:None on POST https://jira.mycompany.com/rest/auth/1/session
{'response': None, 'request': <PreparedRequest [POST]>}\{'response': None, 'request': <PreparedRequest [POST]>}
WARNING:root:Got recoverable error from POST https://jira.mycompany.com/rest/auth/1/session, will retry [1/3] in 7.597192960254091s. Err: HTTPSConnectionPool(host='jira.mycompany.com', port=443): Max retries exceeded with url: /rest/auth/1/session (Caused by SSLError(SSLError(1, '[SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1108)')))

I already checked and OpenSSL supports TLS1 .

$ openssl s_client -help 2>&1  > /dev/null | egrep "\-(ssl|tls)[^a-z]"
 -ssl_config val            Use specified configuration file
 -tls1                      Just use TLSv1
 -tls1_1                    Just use TLSv1.1
 -tls1_2                    Just use TLSv1.2
 -tls1_3                    Just use TLSv1.3
 -ssl_client_engine val     Specify engine to be used for client certificate operations

Using only requests it gives me the same result.

python3 -c "import requests; requests.get('https://jira.mycompany.com/')"
Traceback (most recent call last):
  File "/home/lazize/repos/myproj/venv/lib/python3.8/site-packages/urllib3/connectionpool.py", line 670, in urlopen
    httplib_response = self._make_request(
  File "/home/lazize/repos/myproj/venv/lib/python3.8/site-packages/urllib3/connectionpool.py", line 381, in _make_request
    self._validate_conn(conn)
  File "/home/lazize/repos/myproj/venv/lib/python3.8/site-packages/urllib3/connectionpool.py", line 976, in _validate_conn
    conn.connect()
  File "/home/lazize/repos/myproj/venv/lib/python3.8/site-packages/urllib3/connection.py", line 361, in connect
    self.sock = ssl_wrap_socket(
  File "/home/lazize/repos/myproj/venv/lib/python3.8/site-packages/urllib3/util/ssl_.py", line 377, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/usr/lib/python3.8/ssl.py", line 500, in wrap_socket
    return self.sslsocket_class._create(
  File "/usr/lib/python3.8/ssl.py", line 1040, in _create
    self.do_handshake()
  File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1108)

How can I use Python 3.8 with TLS1 ?

1 answers

solution1
 0 ACCPTED  2020-06-10 17:37:22

I solved the issue installing python package below.
In this way it installed pyOpenSSL .

Let me quote documentation:

If you install urllib3 with the secure extra, all required packages for certificate verification will be installed.

pip install urllib3[secure]

If I understood correct Python comes with its own implementation of SSL via module ssl .
Installing urllib3 in this way it will force Python to use OpenSSL implementation via pyOpenSSL .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to work with Python requests with hosts only supporting TLS 1.0 In Python 3.8 how to use a variable for print precision Python SSL/TLS - no shared cipher on Python 3.8 but working on Python 3.6 How to use pip for python 3.9 instead of inbuilt python 3.8 in Ubuntu? Disable TLS1.0 and TLS1.1 on Cherrypy, Python3 How can I install pyodbc on Windows for use with Python 3.8? How to install and use both python 3.8 and 3.7 on windows 10 How to install Pillow in Python 3.8? How to install TensorFlow with Python 3.8 I am not able to use tensorflow in python 3.8
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM