zeep requests.exceptions.SSLError: ("握手错误: 错误([('SSL 例程', 'ssl3_get_server_certificate', '证书验证失败')],)",)

Question

我尝试在 python 的 zeep lib 的帮助下创建 SOAP 客户端

import os
from zeep import Client
from zeep.wsse.signature import Signature

key_filename = "/etc/ssl/certs/cert.key.pem"
cert_filename = "/etc/ssl/certs/cert.crt.pem"

client = Client('https://37.230.149.6:10004/emias-soap-service/PGUServicesInfo2?wsdl', wsse=Signature(key_filename, cert_filename))

但有一个例外：

Traceback (most recent call last):
  File "/home/max/bot_project/Bots_Django/TelegramBot/bot/simple_soap_client.py", line 19, in <module>
    wsse=Signature(key_filename, cert_filename))
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/zeep/client.py", line 120, in __init__
    self.wsdl = Document(wsdl, self.transport, strict=strict)
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/zeep/wsdl/wsdl.py", line 76, in __init__
    document = self._get_xml_document(location)
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/zeep/wsdl/wsdl.py", line 137, in _get_xml_document
    location, self.transport, self.location, strict=self.strict)
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/zeep/loader.py", line 66, in load_external
    content = transport.load(url)
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/zeep/transports.py", line 111, in load
    content = self._load_remote_data(url)
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/zeep/transports.py", line 126, in _load_remote_data
    response = self.session.get(url, timeout=self.load_timeout)
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/requests/sessions.py", line 501, in get
    return self.request('GET', url, **kwargs)
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/requests/sessions.py", line 488, in request
    resp = self.send(prep, **send_kwargs)
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/requests/sessions.py", line 609, in send
    r = adapter.send(request, **kwargs)
  File "/home/max/bot_project/Bots_Django/venv/local/lib/python2.7/site-packages/requests/adapters.py", line 497, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: ("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)

如何修复此异常以及我的代码有什么问题？

Answer 1

显式地将

Session

对象传递给您的 zeep

Client

（通过

Transport

对象）并设置

verify=False

这是一个例子：

from requests import Session
from zeep import Client
from zeep.transports import Transport
from zeep.wsse.signature import Signature

import os

key_filename = "/etc/ssl/certs/cert.key.pem"
cert_filename = "/etc/ssl/certs/cert.crt.pem"

session = Session()
session.verify = False

client = Client(
    'https://37.230.149.6:10004/emias-soap-service/PGUServicesInfo2?wsdl',
    wsse=Signature(key_filename, cert_filename),
    transport=Transport(session=session)
)

或者，您应该这样做的方法是将

session.verify

设置为 CA 颁发机构证书（安装在服务器 ROOT 和 SUB 证书上的证书的颁发者），例如：

session.verify = "/path/to/ca_cert.pem"

如果证书的颁发者与

ca_cert.pem

中的颁发者相同，这基本上会告诉你的Python脚本信任该URL

Answer 2

1
投票

这对我有用-

session.verify = False

Answer 3

0
投票

我认为你需要使用 verify=False

Answer 4

client = Client(wsdl=wsdl_url)
client.transport.session.verify = False

zeep requests.exceptions.SSLError: ("握手错误: 错误([('SSL 例程', 'ssl3_get_server_certificate', '证书验证失败')],)",)

问题描述投票：0回答：4

4个回答

最新问题

zeep requests.exceptions.SSLError: ("握手错误: 错误([('SSL 例程', 'ssl3_get_server_certificate', '证书验证失败')],)",)

问题描述 投票：0回答：4

4个回答

最新问题

问题描述投票：0回答：4