我正在使用来自 Raspberry Pi 的 SSL protocole和来自Gandi的签名证书运行网络服务器。
serwer使用配置中的 ssl_module ='builtin'。 但由于浏览器在识别证书颁发者方面存在问题,我需要通过 ssl_certificate_chain 属性提供中间证书,只有使用 ssl_module ='pyopenssl'才允许这样做。但是这个配置不起作用。 (见错误信息)
ENGINE Error in 'start' listener <bound method Server.start of <cherrypy._cpserver.Server object at 0xe435b0>>
Traceback (most recent call last):
File "/usr/local/lib/python3.2/dist-packages/cherrypy/process/wspbus.py", line 205, in publish
output.append(listener(*args, **kwargs))
File "/usr/local/lib/python3.2/dist-packages/cherrypy/_cpserver.py", line 167, in start
self.httpserver, self.bind_addr = self.httpserver_from_self()
File "/usr/local/lib/python3.2/dist-packages/cherrypy/_cpserver.py", line 158, in httpserver_from_self
httpserver = _cpwsgi_server.CPWSGIServer(self)
File "/usr/local/lib/python3.2/dist-packages/cherrypy/_cpwsgi_server.py", line 60, in __init__
adapter_class = wsgiserver.get_ssl_adapter_class(ssl_module)
File "/usr/local/lib/python3.2/dist-packages/cherrypy/wsgiserver/wsgiserver3.py", line 1882, in get_ssl_adapter_class
adapter = ssl_adapters[name.lower()]
KeyError: 'pyopenssl'
[31/Jul/2015:16:04:18] ENGINE Shutting down due to error in start listener:
Traceback (most recent call last):
File "/usr/local/lib/python3.2/dist-packages/cherrypy/process/wspbus.py", line 243, in start
self.publish('start')
File "/usr/local/lib/python3.2/dist-packages/cherrypy/process/wspbus.py", line 223, in publish
raise exc
cherrypy.process.wspbus.ChannelFailures: KeyError('pyopenssl',)
pyOpenSSL 已安装。 但是当我做测试时:
'&gt;&gt;&gt;导入ssl
'&gt;&gt;&gt;导入套接字
'&gt;&gt;&gt; hasattr(套接字,'ssl')
假
在使用 pip-3.2 安装 libssl-dev 后,我还尝试重建 Python3.2 。但我没有成功,不得不恢复整个系统。
谢谢你的帮助!
答案 0 :(得分:0)
至少有几个CherryPy版本ssl_builtin supports certificate_chain。从Cheese Shop(即pip install CherryPy)安装CherryPy 3.7+,而不是从Debian Pacakges安装。 Python 3.2本身是一个很好的更新候选者(例如,许多库是3.3 +)。
另请查看this answer以了解当前的CherryPy SSL问题。或this section直接,因为CherryPy目前不支持Python 3的PyOpenSSL。