我将首先道歉-我在论坛上搜索了数周,但没有找到解决方案。我拼凑了很多其他人发现的东西,但是我不太了解下一步需要做什么。
Windows10,Python3.7
我正在尝试浏览公司网站并自动执行一些与工单相关的任务。尝试访问该站点时,我收到所有与未通过Python验证的证书有关的错误。在reddit / SO / ect等其他网站上则不会发生这种情况。该网站也只能在公司内部网上访问。
我可以使用request.get(url,verify = False)来解决这个问题,但是我不想让自己面对安全问题。
>>> from OpenSSL import SSL
>>> import requests
>>> import certifi
>>> url = "https://me-help.xyzcompany.com/helpdesk/WebObjects/Helpdesk.woa"
>>> page = requests.get(url)
Traceback (most recent call last):
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\contrib\pyopenssl.py", line 444, in wrap_socket
cnx.do_handshake()
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\OpenSSL\SSL.py", line 1907, in do_handshake
self._raise_ssl_error(self._ssl, result)
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\OpenSSL\SSL.py", line 1639, in _raise_ssl_error
_raise_current_error()
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\OpenSSL\_util.py", line 54, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\connectionpool.py", line 600, in urlopen
chunked=chunked)
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\connectionpool.py", line 343, in _make_request
self._validate_conn(conn)
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\connectionpool.py", line 849, in _validate_conn
conn.connect()
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\connection.py", line 356, in connect
ssl_context=context)
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\util\ssl_.py", line 359, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\contrib\pyopenssl.py", line 450, in wrap_socket
raise ssl.SSLError('bad handshake: %r' % e)
ssl.SSLError: ("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])",)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\adapters.py", line 445, in send
timeout=timeout
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\connectionpool.py", line 638, in urlopen
_stacktrace=sys.exc_info()[2])
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\util\retry.py", line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='me-help.xyzcompany.com', port=443): Max retries exceeded with url: /helpdesk/WebObjects/Helpdesk.woa (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\api.py", line 72, in get
return request('get', url, params=params, **kwargs)
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\sessions.py", line 512, in request
resp = self.send(prep, **send_kwargs)
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\sessions.py", line 622, in send
r = adapter.send(request, **kwargs)
File "C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\adapters.py", line 511, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='me-help.xyzcompany.com', port=443): Max retries exceeded with url: /helpdesk/WebObjects/Helpdesk.woa (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))
>>> print(certifi.where())
C:\Users\MyName\AppData\Local\Programs\Python\Python37-32\lib\site-packages\certifi\cacert.pem
>>> print(ssl.get_default_verify_paths().capath)
None
我尝试使用C:\ Program Files(x86)\ Common Files \ SSL / cert.pem将REQUESTS_CA_BUNDLE添加为环境变量,但这也不起作用。
有人有什么建议吗?我一直在阅读和阅读,找不到可靠的解决方案。我看到其他一些具有相同问题的用户也可以联系其IT部门将其列入白名单,但我认为这不是我的选择。