Windows:Python SSL 证书验证失败 [英] Windows: Python SSL certificate verify failed

问题描述

我已经安装了 Anaconda 并且在尝试通过 Jupyter Notebooks 进行 API 调用时遇到了 SSL 问题:

导入请求进口证明r = requests.get('https://github.com/')打印(右)

这首先产生了 SSL 连接错误.经过广泛的搜索和我们 IT 部门的帮助，我可以解决这个问题.这里的解决方案是将公司根证书添加到certifi证书存储中.

不幸的是，现在对于其他请求，我仍然遇到同样的问题.使用 google2pandas 包调用 Google Analytics API 的示例代码:

来自 google2pandas 导入 *查询 = {'报告请求':[{'viewId':37616054，'日期范围':[{'开始日期' : '8daysAgo','结束日期':'今天'}]，'方面' : [{'name' : 'ga:date'},{'name' : 'ga:pagePath'},{'name' : 'ga:browser'}],指标":[{'表达式' : 'ga:pageviews'}],'dimensionFilterClauses':[{'运算符' : 'AND',过滤器":[{'dimensionName' : 'ga:browser','运算符':'正则表达式'，'表达式' : ['Firefox']},{'dimensionName' : 'ga:pagePath','运算符':'正则表达式'，'表达式':['iPhone']}]}]}]}# 假设我们已经将我们的 client_secrets_v4.json 文件放在当前# 工作目录.conn = GoogleAnalyticsQueryV4(secrets='Analytics.json')df = conn.execute_query(query)

这里我仍然收到我之前在简单调用中遇到的 SSL 错误:

<块引用>

C:\ProgramData\Anaconda3\lib\ssl.py in _create(cls, sock, server_side,do_handshake_on_connect、suppress_ragged_eofs、server_hostname、上下文，会话)848#非阻塞849引发ValueError(不应指定do_handshake_on_connect非阻塞套接字")--> 850 self.do_handshake()851 除外(OSError、ValueError):第852话

C:\ProgramData\Anaconda3\lib\ssl.py in do_handshake(self, block)
1106 如果超时 == 0.0 并阻止:1107
self.settimeout(None)-> 1108 self._sslobj.do_handshake() 1109 最后:1110 self.settimeout(timeout)

SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] 证书验证失败:无法获得本地颁发者证书 (_ssl.c:1045)

我相信还有另一个库在使用，它不依赖于证书?但我不知道在何处以及如何添加我的根证书，因此所有 iPython 请求都将起作用.

感谢任何想法.

解决方案

我花了几天时间研究如何解决这个问题.最后，我将我公司的 CA 证书添加到请求库使用的配置文件中.您可以通过以下方式检查此文件的路径:

导入请求为 r打印(r.certs.where())

打印python使用的cacert.pem的路径，编辑并在其底部附加CA证书.

I've installed Anaconda and had SSL problems when trying to do API calls via Jupyter Notebooks:

import requests
import certifi

r = requests.get('https://github.com/')
print(r)

This first produced a SSL connection error. Which I could solve after extensive search and the help of our IT department. The solution here was to add the company root certificate to certifi cert storage.

Now for other requests unfortunately I still have the same problems. Example code calling the Google Analytics API with google2pandas package:

from google2pandas import *

query = {
    'reportRequests': [{
        'viewId' : 37616054,

        'dateRanges': [{
            'startDate' : '8daysAgo',
            'endDate'   : 'today'}],

        'dimensions' : [
            {'name' : 'ga:date'}, 
            {'name' : 'ga:pagePath'},
            {'name' : 'ga:browser'}],

        'metrics'   : [
            {'expression' : 'ga:pageviews'}],

        'dimensionFilterClauses' : [{
            'operator' : 'AND',
            'filters'  : [
                {'dimensionName' : 'ga:browser',
                 'operator' : 'REGEXP',
                 'expressions' : ['Firefox']},

                {'dimensionName' : 'ga:pagePath',
                 'operator' : 'REGEXP',
                 'expressions' : ['iPhone']}]
        }]
    }]
}

# Assume we have placed our client_secrets_v4.json file in the current
# working directory.

conn = GoogleAnalyticsQueryV4(secrets='Analytics.json')
df = conn.execute_query(query)

Here I still get the SSL error I had on the simple call before as well:

C:\ProgramData\Anaconda3\lib\ssl.py in _create(cls, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, context, session) 848 # non-blocking 849 raise ValueError("do_handshake_on_connect should not be specified for non-blocking sockets") --> 850 self.do_handshake() 851 except (OSError, ValueError): 852 self.close()

C:\ProgramData\Anaconda3\lib\ssl.py in do_handshake(self, block)
1106 if timeout == 0.0 and block: 1107
self.settimeout(None) -> 1108 self._sslobj.do_handshake() 1109 finally: 1110 self.settimeout(timeout)

SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1045)

I believe there is another library in use, that doesn't rely on certifi? But I don't have any idea on where and how to add my root certificate, so all iPython requests will work.

Any ideas are appreciated.

解决方案

I spent a few days figuring out how to solve this problem. Finally I add the CA certificate of my company in a configuration file used by requests library. You can check the path of this file by:

import requests as r
print(r.certs.where())

The path of the cacert.pem that python uses shall be printed, edit it and append the CA certificate to the bottom of it.

这篇关于Windows:Python SSL 证书验证失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！