Python请求证书时出错,由SSLError(SSLError(9,'[SSL] PEM库(_ssl.c:4027)

uqjltbpv  于 2023-01-17  发布在  Python
关注(0)|答案(1)|浏览(648)

下面是我的代码:

import requests

url = 'https://ecomm.pashabank.az:18443/ecomm2/MerchantHandler'

headers = {'content-type' : 'application/json'}

data = { # some optional data
    "command": "v",
    "amount": "10",
    "currency": "932",
    "client_ip_addr": "167.992.139.153",
    "msg_type": "SMS"
}

# all certificates are in the current directory within this script file
psroot = "PSroot.pem"
cert_file = "certificate.0025598.der"
key_file = "certificate.0025598.pem"

certs = (cert_file, key_file, psroot)
response = requests.post(url, cert=certs)

引发此错误:

Traceback (most recent call last):
  File "/Users/mammadaliyevmammadali/Desktop/bank/main.py", line 19, in <module>
    response = requests.post(url, cert=certs)
  File "/Users/mammadaliyevmammadali/.local/share/virtualenvs/bank-wIDLHQju/lib/python3.9/site-packages/requests/api.py", line 115, in post
    return request("post", url, data=data, json=json, **kwargs)
  File "/Users/mammadaliyevmammadali/.local/share/virtualenvs/bank-wIDLHQju/lib/python3.9/site-packages/requests/api.py", line 59, in request
    return session.request(method=method, url=url, **kwargs)
  File "/Users/mammadaliyevmammadali/.local/share/virtualenvs/bank-wIDLHQju/lib/python3.9/site-packages/requests/sessions.py", line 587, in request
    resp = self.send(prep, **send_kwargs)
  File "/Users/mammadaliyevmammadali/.local/share/virtualenvs/bank-wIDLHQju/lib/python3.9/site-packages/requests/sessions.py", line 701, in send
    r = adapter.send(request, **kwargs)
  File "/Users/mammadaliyevmammadali/.local/share/virtualenvs/bank-wIDLHQju/lib/python3.9/site-packages/requests/adapters.py", line 563, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='ecomm.pashabank.az', port=18443): Max retries exceeded with url: /ecomm2/MerchantHandler (Caused by SSLError(SSLError(9, '[SSL] PEM lib (_ssl.c:4027)')))

请注意错误末尾的**_ssl.c:4027**。我找不到修复方法。我需要验证我的3个证书来处理请求。如何做?所有证书的格式都正确,并通过了安全验证。所有实现都正确,但我的脚本不起作用。请帮助!

cclgggtu

cclgggtu1#

cert_file = "certificate.0025598.der"

给定文件扩展名,这看起来像一个DER格式的证书。但PEM格式是预期的。证书可以从DER转换为PEM

openssl x509 -inform der -in certificate.0025598.der -out certificate.0025598.pem

然后改用certificate.0025598.pem
....由SSL错误导致(SSL错误(9,“[SSL] PEM库(_ssl.c:4027)"))
这个错误引用了源代码中Modules/_ssl. c中的第4027行,但是如果没有你的Python版本,就不知道这一行的代码是什么,只知道你使用的是Python 3.9,这一行附近的相关代码如下:

4031      r = SSL_CTX_use_certificate_chain_file(self->ctx,
  4032          PyBytes_AS_STRING(certfile_bytes));
  4033      PySSL_END_ALLOW_THREADS_S(pw_info.thread_state);
  4034      if (r != 1) {
  ...
  4044              _setSSLError(NULL, 0, __FILE__, __LINE__);

这是试图加载作为客户端证书的证书的代码,即您的certificate.0025598.derPEM lib意味着错误来自OpenSSL中试图将证书解释为PEM的部分,但失败了。因此,它与我最初的推测相匹配,即您的证书不是预期的PEM格式,而是DER格式。

相关问题