读取pem证书期间python 3.6出现x509错误

时间:2019-07-18 08:35:25

标签: python-3.x cryptography certificate x509 pem

在我的python代码中,我面临以下问题:

Traceback (most recent call last):
  File "/tmp/mod_wsgi-localhost:5000:0/handler.wsgi", line 94, in <module>
    recorder_directory=recorder_directory)
  File "/usr/lib64/python3.6/site-packages/mod_wsgi/server/__init__.py", line 1400, in __init__
    exec(code, self.module.__dict__)
  File "/app/scripts/core.wsgi", line 1, in <module>
    from core_nbi import core_ws as application
  File "/app/core_if_nbi.py", line 357, in <module>
    coreApi.start()
  File "/app/core.py", line 250, in wrapper
    return func(self, *args, **kwargs)
  File "/app/core.py", line 646, in start
    self.otkHandler.loadCertificate()
  File "/app/core.py", line 294, in loadCertificate
    default_backend())
  File "/usr/lib64/python3.6/site-packages/cryptography/x509/base.py", line 50, in load_pem_x509_certificate
    return backend.load_pem_x509_certificate(data)
  File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1143, in load_pem_x509_certificate
    mem_bio = self._bytes_to_bio(data)
  File "/usr/lib64/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 454, in _bytes_to_bio
    data_ptr = self._ffi.from_buffer(data)
TypeError: from_buffer() cannot return the address of a unicode object

失败的代码如下:

            certificate = x509.load_pem_x509_certificate(
                certificate_file.read(),
                default_backend())
#               backend=default_backend())
            self.public_key = certificate.public_key()

注意,在python 2.7版本中,此代码有效。 现在,我必须更改python版本,并且还更新了模块。 我尝试读取的证书是有效的PEM证书,以:

开头 
-----BEGIN CERTIFICATE-----
MIIFgjCCA2oCCQD7TLSQ/uU4AjANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMC
4y34NPO08tUuRauZvhejBWLlv1yC6UID0rLdkzjFd2x0hn326r3xaPMsD7BMZVXy
................................................................
O6dZxMeQwKIuDy1lQPTyleDIdKTSTX55/Dug7ey3/Ayl7Bw63H9rlEtKy8VONJrl
9G1sJf9MoktA9uPfMk0EU9B0CZzUUQ==
-----END CERTIFICATE-----

Package        Version  
-------------- ---------
aniso8601      7.0.0    
appdirs        1.4.3    
asn1crypto     0.24.0   
avro-python3   1.9.0    
bcrypt         3.1.7    
certifi        2019.6.16
cffi           1.12.3   
chardet        3.0.4    
Click          7.0      
cryptography   2.7      
Flask          0.12.1   
Flask-HTTPAuth 3.2.2    
Flask-RESTful  0.3.5    
idna           2.6      
itsdangerous   1.1.0    
Jinja2         2.10.1   
kafka-python   1.4.3    
MarkupSafe     1.1.1    
mod-wsgi       4.5.18   
netmiko        2.4.0    
packaging      16.8     
paramiko       2.6.0    
pip            19.1.1   
pycparser      2.19     
PyJWT          1.5.2    
pymongo        3.6.0    
PyNaCl         1.3.0    
pyparsing      2.2.0    
pyserial       3.4      
pytz           2019.1   
PyYAML         5.1.1    
requests       2.18.4   
scp            0.13.2   
setuptools     38.4.1   
six            1.11.0   
textfsm        0.4.1    
urllib3        1.22     
Werkzeug       0.15.5   

pip 19.1.1 from /usr/lib/python3.6/site-packages/pip (python 3.6)

您知道如何解决该问题吗?

1 个答案:

答案 0 :(得分:0)

load_pem_x509_certificate使用bytes,而不是字符串。在Python 2.7中,此区别无关紧要,但是在3.x中,必须先将其编码为字节。由于您是从文件中读取内容的,因此最好的解决方案是将open调用更改为使用rb(读取二进制)作为模式,然后certificate_file.read()将返回字节。

相关问题
最新问题