在python中使用请求时无法获取本地颁发者证书 [英] Unable to get local issuer certificate when using requests in python

问题描述

这是我的代码

导入请求；url='那个网站';标题={'接受':'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8','接受-语言':'zh-CN,zh;q=0.9,en;q=0.8,ja;q=0.7','用户代理':'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36'};r = requests.get(url,headers=headers);打印(r)；打印(r.status_code)；

然后它遇到了这个:

<块引用>

requests.exceptions.SSLError:

HTTPSConnectionPool(host='www.xxxxxx.com', port=44 3):

最大重试次数超过 url: xxxxxxxx (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED]

证书验证失败:无法获得本地颁发者证书(_ssl.c:1045)')))

我该怎么办?

解决方案

不建议在组织环境中使用 verify = False.这实质上是禁用 SSL 验证.

有时，当您使用公司代理时，它会用代理的证书链替换证书链.在 certifi 使用的 cacert.pem 中添加证书应该可以解决问题.我有类似的问题.这是我所做的，以解决问题 -

1. 找到cacert.pem所在的路径-

<块引用>

如果没有，请安装证书.命令:pip install certifi

导入证书certifi.where()C:\\Users\\[UserID]\\AppData\\Local\\Programs\\Python\\Python37-32\\lib\\site-packages\\certifi\\cacert.pem

2. 在浏览器上打开 URL.从 URL 下载证书链并另存为 Base64 编码的 .cer 文件.

3. 现在在记事本中打开 cacert.pem 并添加每个下载的证书内容(---Begin Certificate--- *** ---End Certificate---)最后.

here is my code

import requests;
url='that website';
headers={
  'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
  'Accept-Language':'zh-CN,zh;q=0.9,en;q=0.8,ja;q=0.7',
  'User-Agent':'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36'
};
r = requests.get(url,headers=headers);
print(r);
print(r.status_code);

then it ran into this:

requests.exceptions.SSLError:

HTTPSConnectionPool(host='www.xxxxxx.com', port=44 3):

Max retries exceeded with url: xxxxxxxx (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED]

certificate verify failed: unable to get local issuer certificate (_ssl.c:1045)')))

what should i do?

解决方案

It's not recommended to use verify = False in your organization's environments. This is essentially disabling SSL verification.

Sometimes, when you are behind a company proxy, it replaces the certificate chain with the ones of Proxy. Adding the certificates in cacert.pem used by certifi should solve the issue. I had similar issue. Here is what I did, to resolve the issue -

1. Find the path where cacert.pem is located -

Install certifi, if you don't have. Command: pip install certifi

import certifi
certifi.where()
C:\\Users\\[UserID]\\AppData\\Local\\Programs\\Python\\Python37-32\\lib\\site-packages\\certifi\\cacert.pem

2. Open the URL on a browser. Download the chain of certificates from the URL and save as Base64 encoded .cer files.

3. Now open the cacert.pem in a notepad and just add every downloaded certificate contents (---Begin Certificate--- *** ---End Certificate---) at the end.

这篇关于在python中使用请求时无法获取本地颁发者证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！