Python AWS Lambda证书 [英] Python AWS Lambda Certificates
问题描述
如何为我的Python3 AWS Lambda函数使用的信任库添加一个附加的CA(证书颁发机构)?
How do I add an additional CA (certificate authority) to the trust store used by my Python3 AWS Lambda function?
推荐答案
如果只需要一个CA,则获取crt文件,并在Linux中使用以下命令将其编码为pem:
If you only need a single CA, then get your crt file and encode it into a pem using the following command in linux:
openssl x509 -text -in"{您的CA} .crt"> cacert.pem
openssl x509 -text -in "{your CA}.crt" > cacert.pem
如果您需要将CA添加到默认的CA捆绑包中,则将python3.8/site-packages/certifi/cacert.pem复制到您的lambda文件夹中.然后为每个crt运行以下命令:
If you need to add CA's to the default CA bundle, then copy python3.8/site-packages/certifi/cacert.pem to your lambda folder. Then run this command for each crt:
openssl x509 -text -in"{您的CA} .crt" >> cacert.pem
openssl x509 -text -in "{your CA}.crt" >> cacert.pem
创建pem文件后,请在环境变量REQUESTS_CA_BUNDLE设置为/var/task/cacert.pem 的情况下部署lambda.
After creating the pem file, deploy your lambda with the REQUESTS_CA_BUNDLE environment variable set to /var/task/cacert.pem.
/var/task是AWS Lambda将压缩后的代码提取到的位置.
/var/task is where AWS Lambda extracts your zipped up code to.
这篇关于Python AWS Lambda证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!