证书验证失败,并带有MechanicalSoup

时间:2019-12-11 22:58:19

标签: python python-3.x ssl ssl-certificate mechanicalsoup

我想使用MechanicalSoup从路由器中检索一些数据。但是,当我尝试时,我得到“证书验证失败”。在我看来,我有两个选择

  1. 找到禁用SSL验证的方法
  2. 告诉MechanicalSoup在哪里可以找到pem文件(我使用“ openssl s_connect ....”创建了它)

到目前为止,我的代码如下:

import argparse
import mechanicalsoup
from getpass import getpass

parser = argparse.ArgumentParser(description="Get data from router")
parser.add_argument("-u", "--username", help="User", type=str,
                    required=True)
parser.add_argument("-s", "--server", help="server", type=str,
                    required=True)
parser.add_argument("-p", "--port", help="Port", type=str,
                    required=False, default="8443")
parser.add_argument("-v", "--verbose", help="Verbose output. Add " +
                    "additional v to increase level.",
                    action="count", default=0)
args = parser.parse_args()

args.password = getpass("Password:")

browser = mechanicalsoup.StatefulBrowser(
    soup_config={'features': 'lxml'},
    raise_on_404=True,
    user_agent='getdata.py/0.1',
)

browser.set_verbose(args.verbose)

browser.open("https://" + args.server + ":" + args.port)

来自堆栈末尾的完整错误消息:

Traceback (most recent call last):
  File "perfcreate.py", line 33, in <module>
    browser.open("https://" + args.server + ":" + args.port)
  File "/home/andyw/mypy_env/lib/python3.6/site-packages/mechanicalsoup/stateful_browser.py", line 133, in open
    resp = self.get(url, *args, **kwargs)
  File "/home/andyw/mypy_env/lib/python3.6/site-packages/mechanicalsoup/browser.py", line 124, in get
    response = self.session.get(*args, **kwargs)
  File "/home/andyw/mypy_env/lib/python3.6/site-packages/requests/sessions.py", line 546, in get
    return self.request('GET', url, **kwargs)
  File "/home/andyw/mypy_env/lib/python3.6/site-packages/requests/sessions.py", line 533, in request
    resp = self.send(prep, **send_kwargs)
  File "/home/andyw/mypy_env/lib/python3.6/site-packages/requests/sessions.py", line 646, in send
    r = adapter.send(request, **kwargs)
  File "/home/andyw/mypy_env/lib/python3.6/site-packages/requests/adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='192.168.1.1', port=8443): Max retries exceeded with url: / (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))

2 个答案:

答案 0 :(得分:1)

也许您可以使用:browser.open("https://" + args.server + ":" + args.port, verify=False)

答案 1 :(得分:0)

MechanicalSoup对SSL证书没有做任何特定的事情,但是browser.open将其参数转发给requests.Session.request的构造函数,该构造函数包括以下内容:

  

验证 –(可选)布尔值(在这种情况下,它控制我们是验证服务器的TLS证书还是字符串),在这种情况下,它必须是要使用的CA捆绑软件的路径。默认为True。

     

证书 –(可选)如果为String,则为ssl客户端证书文件(.pem)的路径。如果是元组(“证书”,“密钥”)配对。

因此,您可以使用verify=False作为其他答案(不安全),或者使用download the certificate from the website并使用cert="/path/to/certificate.pem

相关问题
最新问题