我无法对此网址发出请求:
https://cobranca.homologa.bb.com.br:7101/registrarBoleto带有自签名SSL证书。
我正在构建一个与Banco do Brasil集成的SDK。 BB是巴西最大的银行之一。
在他们提供的文档上,他们说要访问此URLs并下载SSL证书以用于请求。
WSDL端点是:
我已经从SSL那里下载了所有URLs证书,并尝试执行此请求
from zeep import Client, Transport
from requests import Session
session = Session()
session.cert = "sdk_bancodobrasil/certificados/cobrancahomologabbcombr.pem"
transport = Transport(session=session)
cli = Client(
'https://cobranca.homologa.bb.com.br:7101/Processos/Ws/RegistroCobrancaService.serviceagent?wsdl',
transport=transport
)
我收到此错误
Traceback (most recent call last):
File "<input>", line 6, in <module>
File "/usr/local/lib/python3.7/site-packages/zeep/client.py", line 62, in __init__
wsdl, self.transport, settings=self.settings)
File "/usr/local/lib/python3.7/site-packages/zeep/wsdl/wsdl.py", line 82, in __init__
document = self._get_xml_document(location)
File "/usr/local/lib/python3.7/site-packages/zeep/wsdl/wsdl.py", line 143, in _get_xml_document
location, self.transport, self.location, settings=self.settings)
File "/usr/local/lib/python3.7/site-packages/zeep/loader.py", line 74, in load_external
content = transport.load(url)
File "/usr/local/lib/python3.7/site-packages/zeep/transports.py", line 110, in load
content = self._load_remote_data(url)
File "/usr/local/lib/python3.7/site-packages/zeep/transports.py", line 126, in _load_remote_data
response = self.session.get(url, timeout=self.load_timeout)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 546, in get
return self.request('GET', url, **kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/adapters.py", line 449, in send
timeout=timeout
File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 600, in urlopen
chunked=chunked)
File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 343, in _make_request
self._validate_conn(conn)
File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 839, in _validate_conn
conn.connect()
File "/usr/local/lib/python3.7/site-packages/urllib3/connection.py", line 344, in connect
ssl_context=context)
File "/usr/local/lib/python3.7/site-packages/urllib3/util/ssl_.py", line 335, in ssl_wrap_socket
context.load_cert_chain(certfile, keyfile)
File "/usr/local/lib/python3.7/site-packages/urllib3/contrib/pyopenssl.py", line 436, in load_cert_chain
self._ctx.use_privatekey_file(keyfile or certfile)
File "/usr/local/lib/python3.7/site-packages/OpenSSL/SSL.py", line 995, in use_privatekey_file
self._raise_passphrase_exception()
File "/usr/local/lib/python3.7/site-packages/OpenSSL/SSL.py", line 972, in _raise_passphrase_exception
_raise_current_error()
File "/usr/local/lib/python3.7/site-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [('PEM routines', 'PEM_read_bio', 'no start line'), ('SSL routines', 'SSL_CTX_use_PrivateKey_file', 'PEM lib')]
我尝试了所有证书,但没有成功。任何帮助都会很棒。
此外,我还尝试过其他一些关于将so证书与SSL一起使用的requests答案,但是没有发现有用的东西。
答案 0 :(得分:0)
requests库默认检查受信任的CA certifi,如果我们在verify参数中添加了正确的根证书,它将通过请求。
尝试从域https://cobranca.homologa.bb.com.br:7101/Processos/Ws/RegistroCobrancaService.serviceagent?wsdl的SSL证书链中获取证书颁发机构pem文件。
,只需更改您的代码即可使用session.verify并传递CA pem文件路径。
session.verify = './sdk_bancodobrasil/certificados/AC_Banco_do_Brasil_v3_HOM.pem'