![](/img/trans.png)
[英]SSL: CERTIFICATE_VERIFY_FAILED certificate verify failed in Python
[英]Python requests: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate
我試圖通過將上游服務器作為代理傳遞來終止 NGINX 上的 SSL。 工作環境在本地主機上。
我想盡一切辦法抑制錯誤,但它不會
NGINX 配置
stream {
upstream stream_backend {
server localhost:5011;
}
server {
listen 80;
listen 443 ssl;
proxy_pass stream_backend;
ssl_certificate /etc/ssl/certs/proxypool.crt;
ssl_certificate_key /etc/ssl/private/proxypool.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_timeout 4h;
ssl_session_cache shared:SSL:20m;
}
}
我生成證書的方式
sudo openssl req -x509 -nodes -days 9999 -newkey rsa:2048 \
-keyout /etc/ssl/private/proxypool.key \
-out /etc/ssl/certs/proxypool.crt
*對所有提示回答為空
我執行請求的方式
proxies = {
'http': 'http://localhost',
'https': 'https://localhost'
}
response = requests.post(
'https://api.ipify.org?format=json',
proxies=proxies,
verify="/etc/ssl/certs/proxypool.pem"
)
錯誤
requests.exceptions.SSLError: HTTPSConnectionPool(host='api.ipify.org', port=443): Max retries exceeded with url: /?format=json (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1131)')))
我嘗試過但沒有成功的事情
verify=False
。 結果certificate verify failed: Hostname mismatch, certificate is not valid for 'localhost'
將您的自簽名證書添加到 Python 證書包中,通過以下方式檢查它的位置:
>>> import certifi
>>> certifi.where()
'/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-
packages/certifi/cacert.pem'
並將您的證書添加到該文件的末尾。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.