时间戳

首页 > 解决方案 > SeqLog 无法获取本地颁发者证书

python - SeqLog 无法获取本地颁发者证书

问题描述

我正在尝试在公司环境中的 python 中设置 seqlog,但是得到

[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076) with an internal certificate.

显然你可以使用禁用检查

requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

但执行以下操作给了我"ModuleNotFoundError: No module named 'seqlog.requests'"

import seqlog
from seqlog.requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

如何将证书导入 python 系统范围,或禁用 seqlog 包中的错误?

完整的堆栈跟踪:

-- Logging error ---
Traceback (most recent call last):
  File "C:\Program Files\Python37\lib\site-packages\urllib3\connectionpool.py", line 672, in urlopen
    chunked=chunked,
  File "C:\Program Files\Python37\lib\site-packages\urllib3\connectionpool.py", line 376, in _make_request
    self._validate_conn(conn)
  File "C:\Program Files\Python37\lib\site-packages\urllib3\connectionpool.py", line 994, in _validate_conn
    conn.connect()
  File "C:\Program Files\Python37\lib\site-packages\urllib3\connection.py", line 394, in connect
    ssl_context=context,
  File "C:\Program Files\Python37\lib\site-packages\urllib3\util\ssl_.py", line 370, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "C:\Program Files\Python37\lib\ssl.py", line 423, in wrap_socket
    session=session
  File "C:\Program Files\Python37\lib\ssl.py", line 870, in _create
    self.do_handshake()
  File "C:\Program Files\Python37\lib\ssl.py", line 1139, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Program Files\Python37\lib\site-packages\requests\adapters.py", line 449, in send
    timeout=timeout
  File "C:\Program Files\Python37\lib\site-packages\urllib3\connectionpool.py", line 720, in urlopen
    method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
  File "C:\Program Files\Python37\lib\site-packages\urllib3\util\retry.py", line 436, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='test.server.corp', port=5341): Max retries exceeded with url: /api/events/raw (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Program Files\Python37\lib\site-packages\seqlog\structured_logging.py", line 374, in publish_log_batch
    stream=True  # prevent '362'
  File "C:\Program Files\Python37\lib\site-packages\requests\sessions.py", line 581, in post
    return self.request('POST', url, data=data, json=json, **kwargs)
  File "C:\Program Files\Python37\lib\site-packages\requests\sessions.py", line 533, in request
    resp = self.send(prep, **send_kwargs)
  File "C:\Program Files\Python37\lib\site-packages\requests\sessions.py", line 646, in send
    r = adapter.send(request, **kwargs)
  File "C:\Program Files\Python37\lib\site-packages\requests\adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='test.server.corp', port=5341): Max retries exceeded with url: /api/events/raw (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)')))
Call stack:
  File "C:\Program Files\Python37\lib\logging\__init__.py", line 2033, in shutdown
    h.flush()
  File "C:\Program Files\Python37\lib\site-packages\seqlog\structured_logging.py", line 320, in flush
    self.consumer.flush()
  File "C:\Program Files\Python37\lib\site-packages\seqlog\consumer.py", line 67, in flush
    self.callback(current_batch)
  File "C:\Program Files\Python37\lib\site-packages\seqlog\structured_logging.py", line 379, in publish_log_batch
    self.handleError(batch[0])
Message: 'Test log message'
Arguments: ()
Response from Seq was unavailable.

标签: pythonseqcertifi

解决方案

已准备好发布此问题,但在https://github.com/tintoy/seqlog/issues/21#issuecomment-547490928上的用户“vitekzach”最后一次尝试中找到了答案

您好,感谢您的建议!

我不喜欢关闭验证,尤其是因为它涉及到编辑包。

不过,我找到了另一个解决方案-请求使用名为 certifi 的包,该包具有证书列表,>所以我要做的就是以 base-64 编码导出相关证书(在我的情况下为根),然后>将其附加到cacert.pem文件中在 certifi 包里面。

推荐阅读