Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
600 views
in Technique[技术] by (71.8m points)

java - generating cert for use with python requests getting PEM lib error

I have an application which I'm doing self-signing certificates for using the documentation here.

The application loads that keystore into a jetty config and loads properly and I get a warning of an untrusted certification when browsing to the site.

Then I want to use python to connect to it and I've tried all variations of generating a cert, pem, etc. nothing I do gets me to connect. Simply doing the following -

import requests
requests.get('https://servername:8443', cert=('path
o\cert\app.cert', '\\path\to\keystore\keystore'))

Gives me the following traceback -

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "C:Python27libsite-packages
equestsapi.py", line 69, in get
    return request('get', url, params=params, **kwargs)
  File "C:Python27libsite-packages
equestsapi.py", line 50, in request
    response = session.request(method=method, url=url, **kwargs)
  File "C:Python27libsite-packages
equestssessions.py", line 465, in request
    resp = self.send(prep, **send_kwargs)
  File "C:Python27libsite-packages
equestssessions.py", line 573, in send
    r = adapter.send(request, **kwargs)
  File "C:Python27libsite-packages
equestsadapters.py", line 431, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL] PEM lib (_ssl.c:2580)
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

cert in requests is used for client site certificates, not for the CA store. Use the verify parameter to specify the CA file, e.g.:

requests.get('https://www.example.com', verify='/etc/ssl/certs/ca-certificates.crt')

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...