我在docker容器laudio/pyodbc中运行的python代码中存在以下证书错误
File "/usr/local/lib/python3.7/site-packages/fredapi/fred.py", line 131, in get_series
root = self.__fetch_data(url)
File "/usr/local/lib/python3.7/site-packages/fredapi/fred.py", line 64, in __fetch_data
response = urlopen(url)
File "/usr/local/lib/python3.7/urllib/request.py", line 222, in urlopen
return opener.open(url, data, timeout)
File "/usr/local/lib/python3.7/urllib/request.py", line 525, in open
response = self._open(req, data)
File "/usr/local/lib/python3.7/urllib/request.py", line 543, in _open
'_open', req)
File "/usr/local/lib/python3.7/urllib/request.py", line 503, in _call_chain
result = func(*args)
File "/usr/local/lib/python3.7/urllib/request.py", line 1362, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/usr/local/lib/python3.7/urllib/request.py", line 1321, in do_open
raise URLError(err)
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)>
我的证书是最新的
root@8a03fe8175b7:/# pip install --upgrade certifi
Requirement already up-to-date: certifi in /usr/local/lib/python3.7/site-packages (2020.4.5.1)
我也曾尝试使用没有帮助的no_ssl_verification solution。
此外,该文件为空,这意味着什么吗?在我的主机上已经满了
root@2927b5836cfa:/# ls -alt /etc/ssl/certs/ca-certificates.crt
-rw-r--r-- 1 root root 0 May 23 20:14 /etc/ssl/certs/ca-certificates.crt
来自容器中python shell的更多信息,我不知道这是否有帮助。但是容器中没有/ export目录:
print(ssl.get_default_verify_paths())
DefaultVerifyPaths(cafile=None, capath=None, openssl_cafile_env='SSL_CERT_FILE', openssl_cafile='/export/home/pb2/build/sb_0-35870562-1568195162.53/openssl-1.1.1d-el6-x86-64bit/ssl/cert.pem', openssl_capath_env='SSL_CERT_DIR', openssl_capath='/export/home/pb2/build/sb_0-35870562-1568195162.53/openssl-1.1.1d-el6-x86-64bit/ssl/certs')
能否请您提供一些解决此问题的想法?
答案 0 :(得分:0)
如果您的 docker 容器中没有安装 ca 证书(即检查 /etc/ssl/certs 目录中是否存在各种证书),请先安装它们。
将以下行添加到 dockerfile 中可解决此问题。
RUN apt-get update && \
apt-get install ca-certificates -y && \
apt-get clean