SSL壞握手錯誤10054“WSAECONNRESET”
[英]SSL bad Handshake Error 10054 “WSAECONNRESET”
問題描述
筆記:
versions
Python 2.7.11 and my requests version is '2.10.0'
'OpenSSL 1.0.2d 9 Jul 2015'
Please read the below comment by Martijn Pieters before reproducing
最初我嘗試使用以下代碼從https://www.neco.navy.mil/necoattach/N6945016R0626_2016-06-20__INFO_NAS_Pensacola_Base_Access.docx獲取pdf
代碼1:
>>> import requests
>>> requests.get("https://www.neco.navy.mil/necoattach/N6945016R0626_2016-06-20__INFO_NAS_Pensacola_Base_Access.docx",verify=False)
錯誤:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "C:\Users\mob140003207\AppData\Local\Enthought\Canopy\User\lib\site-packa
ges\requests\api.py", line 67, in get
return request('get', url, params=params, **kwargs)
File "C:\Users\mob140003207\AppData\Local\Enthought\Canopy\User\lib\site-packa
ges\requests\api.py", line 53, in request
return session.request(method=method, url=url, **kwargs)
File "C:\Users\mob140003207\AppData\Local\Enthought\Canopy\User\lib\site-packa
ges\requests\sessions.py", line 468, in request
resp = self.send(prep, **send_kwargs)
File "C:\Users\mob140003207\AppData\Local\Enthought\Canopy\User\lib\site-packa
ges\requests\sessions.py", line 576, in send
r = adapter.send(request, **kwargs)
File "C:\Users\mob140003207\AppData\Local\Enthought\Canopy\User\lib\site-packa
ges\requests\adapters.py", line 447, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: ("bad handshake: SysCallError(10054, 'WSAECONNRESE
T')",)
在谷歌搜索和搜索后,我發現你已經使用SSL驗證,並且使用帶適配器的會話可以解決問題。 但我仍然有錯誤,請找到下面的代碼和錯誤
代碼2:
import requests
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.poolmanager import PoolManager
import ssl
import traceback
class MyAdapter(HTTPAdapter):
def init_poolmanager(self, connections, maxsize, block=False):
self.poolmanager = PoolManager(num_pools=connections,
maxsize=maxsize,
block=block,
ssl_version=ssl.PROTOCOL_TLSv1)
s = requests.Session()
s.mount('https://', MyAdapter())
print "Mounted "
r = s.get("https://www.neco.navy.mil/necoattach/N6945016R0626_2016-06-20__INFO_NAS_Pensacola_Base_Access.docx", stream=True, timeout=120)
錯誤:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "C:\Users\mob140003207\AppData\Local\Enthought\Canopy\User\lib\site-packa
ges\requests\sessions.py", line 480, in get
return self.request('GET', url, **kwargs)
File "C:\Users\mob140003207\AppData\Local\Enthought\Canopy\User\lib\site-packa
ges\requests\sessions.py", line 468, in request
resp = self.send(prep, **send_kwargs)
File "C:\Users\mob140003207\AppData\Local\Enthought\Canopy\User\lib\site-packa
ges\requests\sessions.py", line 576, in send
r = adapter.send(request, **kwargs)
File "C:\Users\mob140003207\AppData\Local\Enthought\Canopy\User\lib\site-packa
ges\requests\adapters.py", line 447, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: ("bad handshake: SysCallError(10054, 'WSAECONNRESET')",)
3 個解決方案
解決方案1
7 已采納 2016-08-10 23:00:31
首先,我確認主機www.neco.navy.mil無法從任何地方訪問。 從一些網絡(地理)它工作*,從其他連接只是掛起:
$ curl www.neco.navy.mil
curl: (7) couldn't connect to host
$ curl https://www.neco.navy.mil
curl: (7) couldn't connect to host
其次,當建立連接時,存在證書問題:
$ curl -v https://www.neco.navy.mil
* Rebuilt URL to: https://www.neco.navy.mil/
* Hostname was NOT found in DNS cache
* Trying 205.85.2.133...
* Connected to www.neco.navy.mil (205.85.2.133) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS alert, Server hello (2):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
為了確保,您只需將其提供給Qualys SSL測試人員 :
CA( DoD根CA 2 )不受信任。 而且它不在鏈條中。 請注意, OpenSSL驗證過程需要整個鏈 :
首先,從提供的證書開始構建證書鏈,並以根CA結束。 如果不能建立整個鏈條,那就錯了。
但是只有www.neco.navy.mil - > DODCA-28 。 它可能與TLD和額外的安全措施有關,但C級本身並不多;-)
在他們的Python方面它將沒有太大的不同。 如果您無權訪問CA,則只能完全禁用證書驗證(當然,解決了連接問題后)。 如果你有,你可以使用cafile 。
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import urllib2
import ssl
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
r = urllib2.urlopen('https://www.neco.navy.mil/'
'necoattach/N6945016R0626_2016-06-20__INFO_NAS_Pensacola_Base_Access.docx',
timeout = 5, context = ctx)
print(len(r.read()))
r = urllib2.urlopen('https://www.neco.navy.mil/'
'necoattach/N6945016R0626_2016-06-20__INFO_NAS_Pensacola_Base_Access.docx',
timeout = 5, cafile = '/path/to/DODCA-28_and_DoD_Root_CA_2.pem')
print(len(r.read()))
要使用某些版本的Python重現,請使用如下的簡單Dockerfile:
FROM python:2.7.11
WORKDIR /opt
ADD . ./
CMD dpkg -s openssl | grep Version && ./app.py
然后運行:
docker build -t ssl-test .
docker run --rm ssl-test
解決方案2
1 2016-08-10 21:19:21
這段代碼在windows7上適用於我(py2.7.11 64位+請求== 2.10.0):
import requests
import ssl
import traceback
import shutil
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.poolmanager import PoolManager
class MyAdapter(HTTPAdapter):
def init_poolmanager(self, connections, maxsize, block=False):
self.poolmanager = PoolManager(num_pools=connections,
maxsize=maxsize,
block=block,
ssl_version=ssl.PROTOCOL_TLSv1)
if __name__ == "__main__":
s = requests.Session()
s.mount('https://', MyAdapter())
print "Mounted "
filename = "N6945016R0626_2016-06-20__INFO_NAS_Pensacola_Base_Access.docx"
r = s.get(
"https://www.neco.navy.mil/necoattach/{0}".format(filename), verify=False, stream=True, timeout=120)
if r.status_code == 200:
with open(filename, 'wb') as f:
r.raw.decode_content = True
shutil.copyfileobj(r.raw, f)
解決方案3
0 2016-08-08 11:21:36
我使用python 2.7.6,這個簡單的例子仍在我的ubuntu 14.04上工作
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
with open('out.docx', 'wb') as h :
r = requests.get("https://www.neco.navy.mil/necoattach/N6945016R0626_2016-06-20__INFO_NAS_Pensacola_Base_Access.docx", verify=False, stream=True)
for block in r.iter_content(1024):
h.write(block)
在對ArcGIS API的GET請求期間,OpenSSL.SSL.SysCallError:(10054,'WSAECONNRESET')
[英]OpenSSL.SSL.SysCallError: (10054, 'WSAECONNRESET') during GET request to ArcGIS API
如何修復 netlify api 中的 raise SysCallError(errno, errorcode.get(errno)) OpenSSL.SSL.SysCallError: (10054, 'WSAECONNRESET')?
[英]How to fix raise SysCallError(errno, errorcode.get(errno)) OpenSSL.SSL.SysCallError: (10054, 'WSAECONNRESET') in netlify api?
SSL 錯誤(錯誤握手),證書有效 | Elasticsearch & Python
[英]SSL Error (bad handshake) with valid certificate | Elasticsearch & Python
pandasdmx:sdmx.Request 導致 SSL 錯誤 - 握手錯誤
[英]pandasdmx: sdmx.Request leading to SSL Error - bad handshake
Python RoboBrowser SSL錯誤:握手錯誤:SysCallError(104,'ECONNRESET')
[英]Python RoboBrowser SSL Error : bad handshake: SysCallError(104, 'ECONNRESET')
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
SSL錯誤:握手不良
Python請求的SSL錯誤握手錯誤
SSL錯誤:握手錯誤(Python請求)
在對ArcGIS API的GET請求期間,OpenSSL.SSL.SysCallError:(10054,'WSAECONNRESET')
Python SSL錯誤握手
如何修復 netlify api 中的 raise SysCallError(errno, errorcode.get(errno)) OpenSSL.SSL.SysCallError: (10054, 'WSAECONNRESET')?
SSL 錯誤(錯誤握手),證書有效 | Elasticsearch & Python
pandasdmx:sdmx.Request 導致 SSL 錯誤 - 握手錯誤
Python RoboBrowser SSL錯誤:握手錯誤:SysCallError(104,'ECONNRESET')
SSL握手錯誤:[錯誤1]
相關標簽