使用SSLv3向HTTPS服务器发送Python REST请求

时间:2017-09-14 15:15:22

标签: python ssl curl python-requests tls1.2

我正在尝试从网址中检索数据,但由于此错误导致我的连接被阻止:

requests.exceptions.SSLError: HTTPSConnectionPool(host='securehost', port=4443): Max retries exceeded with url: secureURL (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')],)",),))

截至目前,我认为我收到此错误是因为他们不同意使用SSL密码。

请求库中的默认SSL类型为:

TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!eNULL:!MD5

然而,当我在服务器上运行curl -v时,我试图从我那里请求数据:

$ curl -v SecureLink
* timeout on name lookup is not supported
*   Trying 8.8.8.8...
* TCP_NODELAY set
* Connected to SecureLink (8.8.8.8) port 4443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / DES-CBC3-SHA
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: OU=Domain Control Validated; CN=secureDomain
*  start date: Sep  1 17:52:38 2016 GMT
*  expire date: Sep  1 17:52:38 2019 GMT
*  subjectAltName: host "secureHost" matched cert's "secureHost"
*  issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certs.
godaddy.com/repository/; CN=Go Daddy Secure Certificate Authority - G2
*  SSL certificate verify ok.
> GET Link HTTP/1.1
> Host: secureHost&Port
> User-Agent: curl/7.55.0
> Accept: */*

我尝试过编辑默认密码:

requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS += ':RC4-SHA'


requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS += ':DES-CBC3-SHA'

无济于事。

非常感谢有关通过请求库建立此成功连接的任何帮助。

到目前为止我的代码是:

import requests
import json
import ssl
from urllib3.contrib import pyopenssl
import MySQLdb

params = {"t": "8IBYCELFMTKRI08K5T9YUKPN7K21YZQZ0PXV"}


print(requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS)
requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS += 'ALL:eNULL'

s = requests.Session()

print(requests.get('secureURL', params=params, timeout=5, verify=False).text)

我正在使用Python 2.7.13。 我安装的软件包是:

  1. asn1crypto 0.22.0
  2. certifi 2017.7.27.1
  3. cffi 1.10.0
  4. chardet 3.0.4
  5. cryptography 2.0.3
  6. enum34 1.1.6
  7. idna 2.6
  8. ipaddress 1.0.18
  9. pyOpenSSL 17.3.0
  10. pycparser 2.18
  11. 要求2.18.4
  12. urllib3 1.22

    13. 据我所知,错误是sslv3握手失败。

1 个答案:

答案 0 :(得分:0)

即使我在网络上,我也需要使用我的VPN连接才能运行脚本。我不确定为什么会这样,但没有VPN连接就行不通。我希望有一天能帮助别人。

相关问题
最新问题