Python请求 - 客户端证书的SSL错误 [英] Python Requests - SSL error for client side cert

问题描述

我使用python中的请求调用REST API，到目前为止，当我设置 verify = False 时，它已成功。

I'm calling a REST API with requests in python and so far have been successful when I set verify=False.

现在，我必须使用客户端证书，我需要导入身份验证，我得到这个错误每次我使用 cert（.pfx）。 cert.pfx 是受密码保护的。

Now, I have to use client side cert that I need to import for authentication and I'm getting this error everytime I'm using the cert (.pfx). cert.pfx is password protected.

r = requests.post(url, params=payload, headers=headers, 
                  data=payload, verify='cert.pfx')

是我得到的错误：

Traceback (most recent call last):
File "C:\Users\me\Desktop\test.py", line 65, in <module>
r = requests.post(url, params=payload, headers=headers, data=payload, verify=cafile)
File "C:\Python33\lib\site-packages\requests\api.py", line 88, in post
return request('post', url, data=data, **kwargs)
File "C:\Python33\lib\site-packages\requests\api.py", line 44, in request
return session.request(method=method, url=url, **kwargs)
File "C:\Python33\lib\site-packages\requests\sessions.py", line 346, in request
resp = self.send(prep, **send_kwargs)
File "C:\Python33\lib\site-packages\requests\sessions.py", line 449, in send
r = adapter.send(request, **kwargs)
File "C:\Python33\lib\site-packages\requests\adapters.py", line 322, in send
raise SSLError(e)
requests.exceptions.SSLError: unknown error (_ssl.c:2158)

我也尝试了openssl获取 .pem 和键 .pem 并获得 SSL：CERTIFICATE_VERIFY_FAILED

有人可以指示我如何导入证书和在哪里放置它？我尝试搜索，但仍然面临同样的问题。

Can someone please direct me on how to import the certs and where to place it? I tried searching but still faced with the same issue.

推荐答案

我有同样的问题。 verify 参数似乎指的是服务器的证书。您需要 cert 参数指定您的客户端证书。

I had this same problem. The verify parameter seems to refer to the server's certificate. You want the cert parameter to specify your client certificate.

我不得不使用OpenSSL转换获得证书PEM文件和一个关键的PEM文件。

I had to use OpenSSL to convert to get a certificate PEM file and a key PEM file.

import requests
cert_file_path = "cert.pem"
key_file_path = "key.pem"

url = "https://example.com/resource"
params = {"param_1": "value_1", "param_2": "value_2"}
cert = (cert_file_path, key_file_path)
r = requests.get(url, params=params, cert=cert, verify=False)

我仍然有一些问题，请求不能很好地与一些SSL服务器玩，但我认为验证 / cert 的区别可能是你的问题。

I still had problems with Requests not playing nicely with some SSL servers, but I think the verify / cert distinction might be your problem.

这篇关于Python请求 - 客户端证书的SSL错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！