我正在開發一個使用 base64 編碼證書和私鑰的簡單 python 腳本。這些是腳本中的 base64 編碼字串文字。
我像這樣創建一個 Pkcs12Context 類定義(它加載證書和密鑰)。
class Pkcs12Context(requests.packages.urllib3.contrib.pyopenssl.OpenSSL.SSL.Context):
def __init__(self, method):
super(Pkcs12Context, self).__init__(method)
self.use_certificate(load_certificate(FILETYPE_PEM, base64.b64decode(ENCODED_CERT)))
self.use_privatekey(load_privatekey(FILETYPE_PEM, base64.b64decode(ENCODED_PRIVATEKEY)))
稍后,我獲取一個 json 有效負載物件并使用 對其進行簽名,并jwt.encode()為其提供解碼的私鑰。
然后我提出這樣的請求請求:
response = requests.post('https://<sampleapiendpoint>', headers={"Content-Type": "text/xml"}, data=signed_payload, timeout=60)
問題是當我用 python2 運行腳本時,它會出錯:
Traceback (most recent call last):
File "apirequest.py", line 171, in <module>
response = requests.post('https://<sampleapiendpoint>', headers={"Content-Type": "text/xml"}, data=signed_payload, timeout=60)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/requests/api.py", line 108, in post
return request('post', url, data=data, json=json, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/requests/api.py", line 50, in request
response = session.request(method=method, url=url, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/requests/sessions.py", line 464, in request
resp = self.send(prep, **send_kwargs)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
r = adapter.send(request, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/requests/adapters.py", line 431, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:727)
如果我使用 python3,我會得到以下呼叫堆疊:
Traceback (most recent call last):
File "/Users/<username>/Projects/<folder>/<folder2>/apicall.py", line 94, in <module>
class Pkcs12Context(requests.packages.urllib3.contrib.pyopenssl.OpenSSL.SSL.Context):
AttributeError: module 'requests.packages.urllib3.contrib' has no attribute 'pyopenssl'
I have tried uninstalling and reinstalling pyopenssl to no avail. I have tried both python2 and python3, neither work. I do suspect however that the python2 one is working, but there's something wrong with the certs/keys so that the handshake never succeeds (which means its a script or endpoint configuration problem). I have also tried a potential solution described on a forum at https://github.com/certbot/certbot/issues/6328, where they say to try to use requests 2.6.0, which I am. Is the python2 version actually working, but there's a cert/key configuration problem with the api endpoint? And why doesn't the python3 version work?
Here is the output of the pip freeze command:
certifi==2021.10.8
cffi==1.15.0
charset-normalizer==2.0.12
cryptography==36.0.1
idna==3.3
pycparser==2.21
PyJWT==2.3.0
pyOpenSSL==22.0.0
requests==2.6.0
urllib3==1.26.8
uj5u.com熱心網友回復:
我無法直接解決這個問題。相反,它是通過以下方法解決的。我們沒有創建 Pkcs12Context,而是根本不這樣做,而是使用 requests.posts 方法的 certs 引數將證書提供給請求呼叫。
response = requests.post('https://<url>',
cert=(SSL_CERTIFICATE_FILENAME, SSL_CERTIFICATE_PVKEY_FILENAME),
headers={"Content-Type": "text/xml"}, data=encoded, timeout=60)
轉載請註明出處,本文鏈接:https://www.uj5u.com/qukuanlian/437992.html