python - Python 请求会话忽略验证设置
问题描述
我正在使用最新的请求版本2.25.1,当我设置session.verify = False它时仍然尝试验证 SSL 证书。
这是我的代码示例。
import requests
session = requests.session()
headers = {'content-type': 'application/json',
'accept': 'application/json',
'user-agent': 'PyU4V/9.2.1.3 (Linux; version 3.10.0-957.27.2.el7.x86_64) Python 3.7.3',
'application-type': 'PyU4V-9.2.1.3'}
session.headers = headers
username = "username"
password = "password"
session.auth = HTTPBasicAuth(username, password)
session.verify = False
url = 'https://X.X.X.X:8443/univmax/restapi/version'
session.request(method='GET', url=url)
---------------------------------------------------------------------------
SSLCertVerificationError Traceback (most recent call last)
/usr/local/lib/python3.7/dist-packages/urllib3/connectionpool.py in urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, body_pos, **response_kw)
705 headers=headers,
--> 706 chunked=chunked,
707 )
/usr/local/lib/python3.7/dist-packages/urllib3/connectionpool.py in _make_request(self, conn, method, url, timeout, chunked, **httplib_request_kw)
381 try:
--> 382 self._validate_conn(conn)
383 except (SocketTimeout, BaseSSLError) as e:
/usr/local/lib/python3.7/dist-packages/urllib3/connectionpool.py in _validate_conn(self, conn)
1009 if not getattr(conn, "sock", None): # AppEngine might not have `.sock`
-> 1010 conn.connect()
1011
/usr/local/lib/python3.7/dist-packages/urllib3/connection.py in connect(self)
420 ssl_context=context,
--> 421 tls_in_tls=tls_in_tls,
422 )
/usr/local/lib/python3.7/dist-packages/urllib3/util/ssl_.py in ssl_wrap_socket(sock, keyfile, certfile, cert_reqs, ca_certs, server_hostname, ssl_version, ciphers, ssl_context, ca_cert_dir, key_password, ca_cert_data, tls_in_tls)
431 else:
--> 432 ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls)
433 return ssl_sock
/usr/local/lib/python3.7/dist-packages/urllib3/util/ssl_.py in _ssl_wrap_socket_impl(sock, ssl_context, tls_in_tls, server_hostname)
473 else:
--> 474 return ssl_context.wrap_socket(sock)
/usr/lib/python3.7/ssl.py in wrap_socket(self, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, session)
411 context=self,
--> 412 session=session
413 )
/usr/lib/python3.7/ssl.py in _create(cls, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, context, session)
852 raise ValueError("do_handshake_on_connect should not be specified for non-blocking sockets")
--> 853 self.do_handshake()
854 except (OSError, ValueError):
/usr/lib/python3.7/ssl.py in do_handshake(self, block)
1116 self.settimeout(None)
-> 1117 self._sslobj.do_handshake()
1118 finally:
SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1056)
During handling of the above exception, another exception occurred:
MaxRetryError Traceback (most recent call last)
/usr/local/lib/python3.7/dist-packages/requests/adapters.py in send(self, request, stream, timeout, verify, cert, proxies)
448 retries=self.max_retries,
--> 449 timeout=timeout
450 )
/usr/local/lib/python3.7/dist-packages/urllib3/connectionpool.py in urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, body_pos, **response_kw)
755 retries = retries.increment(
--> 756 method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
757 )
/usr/local/lib/python3.7/dist-packages/urllib3/util/retry.py in increment(self, method, url, response, error, _pool, _stacktrace)
573 if new_retry.is_exhausted():
--> 574 raise MaxRetryError(_pool, url, error or ResponseError(cause))
575
MaxRetryError: HTTPSConnectionPool(host='X.X.X.X', port=8443): Max retries exceeded with url: /univmax/restapi/version (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1056)')))
During handling of the above exception, another exception occurred:
SSLError Traceback (most recent call last)
<ipython-input-61-d1c0089b962c> in <module>
----> 1 session.request(method='GET', url=url)
/usr/local/lib/python3.7/dist-packages/requests/sessions.py in request(self, method, url, params, data, headers, cookies, files, auth, timeout, allow_redirects, proxies, hooks, stream, verify, cert, json)
540 }
541 send_kwargs.update(settings)
--> 542 resp = self.send(prep, **send_kwargs)
543
544 return resp
/usr/local/lib/python3.7/dist-packages/requests/sessions.py in send(self, request, **kwargs)
653
654 # Send the request
--> 655 r = adapter.send(request, **kwargs)
656
657 # Total elapsed time of the request (approximately)
/usr/local/lib/python3.7/dist-packages/requests/adapters.py in send(self, request, stream, timeout, verify, cert, proxies)
512 if isinstance(e.reason, _SSLError):
513 # This branch is for urllib3 v1.22 and later.
--> 514 raise SSLError(e, request=request)
515
516 raise ConnectionError(e, request=request)
SSLError: HTTPSConnectionPool(host='X.X.X.X', port=8443): Max retries exceeded with url: /univmax/restapi/version (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1056)')))
当我传递verify=False请求时,它会返回正确的响应。
session.request(method='GET', url=url, verify=False)
<Response [200]>
我检查了默认设置为的session代码。verifyTrue
但是当我们明确设置session.verify = False它应该忽略 SSL。
解决方案
推荐阅读
- python - 如何制作一个也可用作上下文管理器的 python 方法?
- scala - Scala - 方法计数的参数不足
- domain-driven-design - 将 CosmosDb 文档转换为 DDD 聚合
- javascript - 如何将鼠标指向页面的特定部分然后滚动?(木偶师)
- html - 如何将div平均分成行
- javascript - Uncaught SyntaxError: Unexpected token '<' 当我使用 libarchive.js
- amazon-web-services - AWS TOOLKIT - 如何在 VS Code AWS Toolkit 的输出面板中漂亮地打印响应?
- excel - 如何设置最后一个数据行excel宏
- acumatica - 部署后,soapClient.Login 到 Windows 窗体应用程序中的 Acumatica 失败。“向 https 发出 HTTP 请求时发生错误..”
- python - Keras 中的自定义损失函数 - 迭代 TensorFlow