Windows上的Python 3.6 :包括自定义CA文件不起作用
Windows上的Python 3.6 :包括自定义CA文件不起作用
提问于 2018-07-23 01:25:05
在Windows 10中使用python 3.6 (Anaconda)添加自定义CA不起作用。我做了什么:
创建了2个环境变量:
SSL_CERT_DIR=C:\_Data\Certs <-- This alone should do the trick
SSL_CERT_FILE=C:\_Data\Certs\burp我在本地主机上运行Burp。我已经将CA证书导出到c:\_Data\Certs\burp。我尝试过PEM和DER,两者都应该可以工作。
我的程序:
import aiohttp
import ssl
import asyncio
async def main():
session = aiohttp.ClientSession()
print(ssl.get_default_verify_paths()) # to verify that my environment variable is working
f = open('C:\\_Data\\Certs\\burp', 'r') # To check I don't have a permission problem
f.close()
aiohttp_proxy = 'http://127.0.0.1:8080'
async with session.get('https://www.whatismyip.com', proxy=aiohttp_proxy) as response:
print(await response.text())
await session.close()
if __name__ == "__main__":
loop = asyncio.get_event_loop()
loop.run_until_complete(main())输出:
DefaultVerifyPaths(cafile='C:\\_Data\\Certs\\burp', capath='C:\\_Data\\Certs', openssl_cafile_env='SSL_CERT_FILE', openssl_cafile='/usr/local/ssl/cert.pem', openssl_capath_env='SSL_CERT_DIR', openssl_capath='/usr/local/ssl/certs')
Traceback (most recent call last):
File "C:\Users\defaultuser\PycharmProjects\testproject\venv\lib\site-packages\aiohttp\connector.py", line 822, in _wrap_create_connection
return await self._loop.create_connection(*args, **kwargs)
File "C:\ProgramData\Anaconda3\Lib\asyncio\base_events.py", line 802, in create_connection
sock, protocol_factory, ssl, server_hostname)
File "C:\ProgramData\Anaconda3\Lib\asyncio\base_events.py", line 828, in _create_connection_transport
yield from waiter
File "C:\ProgramData\Anaconda3\Lib\asyncio\sslproto.py", line 503, in data_received
ssldata, appdata = self._sslpipe.feed_ssldata(data)
File "C:\ProgramData\Anaconda3\Lib\asyncio\sslproto.py", line 201, in feed_ssldata
self._sslobj.do_handshake()
File "C:\ProgramData\Anaconda3\Lib\ssl.py", line 683, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "C:/Users/defaultuser/PycharmProjects/testproject/_test/test_cert.py", line 20, in <module>
loop.run_until_complete(main())
File "C:\ProgramData\Anaconda3\Lib\asyncio\base_events.py", line 466, in run_until_complete
return future.result()
File "C:/Users/defaultuser/PycharmProjects/testproject/_test/test_cert.py", line 14, in main
async with session.get('https://www.whatismyip.com', proxy=aiohttp_proxy) as response:
File "C:\Users\defaultuser\PycharmProjects\testproject\venv\lib\site-packages\aiohttp\client.py", line 843, in __aenter__
self._resp = await self._coro
File "C:\Users\defaultuser\PycharmProjects\testproject\venv\lib\site-packages\aiohttp\client.py", line 366, in _request
timeout=timeout
File "C:\Users\defaultuser\PycharmProjects\testproject\venv\lib\site-packages\aiohttp\connector.py", line 445, in connect
proto = await self._create_connection(req, traces, timeout)
File "C:\Users\defaultuser\PycharmProjects\testproject\venv\lib\site-packages\aiohttp\connector.py", line 754, in _create_connection
req, traces, timeout)
File "C:\Users\defaultuser\PycharmProjects\testproject\venv\lib\site-packages\aiohttp\connector.py", line 960, in _create_proxy_connection
req=req)
File "C:\Users\defaultuser\PycharmProjects\testproject\venv\lib\site-packages\aiohttp\connector.py", line 827, in _wrap_create_connection
raise ClientConnectorSSLError(req.connection_key, exc) from exc
aiohttp.client_exceptions.ClientConnectorSSLError: Cannot connect to host www.whatismyip.com:443 ssl:None [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)]
Unclosed client session
client_session: <aiohttp.client.ClientSession object at 0x000001C3E504F278>
Process finished with exit code 1我再次检查了CA文件是否正确,方法是打开它并验证它是否与将常规浏览器指向在localhost上运行的代理并在访问HTTPS网站后验证CA详细信息时相同。
为什么它不起作用?
回答 1
Stack Overflow用户
发布于 2018-08-07 02:48:01
重新安装Anaconda,更新Pycharm,在Burp中重新生成CA并重新启动,现在可以工作了。不确定是什么原因。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/51467571
复制相关文章
相似问题
腾讯云开发者
