发表新帖
发表新帖

Python Requests getting SSLerror

前端 未结
关注
4 1023
伪装坚强ぢ
伪装坚强ぢ 2020-11-30 10:10

Trying to make a simple get request using Requests session but I keep getting SSLerror for a specific site. I think maybe the problem is with the site (I did a scan using ht

相关标签:
4条回答
  • 伪装坚强ぢ
    2020-11-30 10:22

    You can disable certificate verification:

    requests.get('https://www.reporo.com/', verify=False)

    but without certificate verification there is no man-in-the-middle attack protection.

    0 讨论(0)
  • 清酒与你
    2020-11-30 10:25

    I had the same error. Downgrading requests from requests-2.17.3 to requests-2.11.0 solved it for me. 

    pip uninstall requests
pip install requests==2.11.0
    0 讨论(0)
  • 半阙折子戏
    2020-11-30 10:31

    The certificate itself for www.reporo.com (not reporo.com) is valid, but it is missing a chain certificate as shown in the report by ssllabs:

    Chain issues    Incomplete
....
2   Extra download  Thawte DV SSL CA 
Fingerprint: 3ca958f3e7d6837e1c1acf8b0f6a2e6d487d6762

    The "Incomplete" and "Extra download" are the major points. Some browsers will have the missing chain certificate cached, others will do the download and other will fail. If you try the site with a fresh Firefox profile (which does not have any certificates cached) it will fail too.

    You could download the missing chain certificates and use it as trusted CA certificate with the verify parameter for requests. Don't just disable validation because then you are open to man-in-the-middle attacks.

    Step by step instruction:

    • Download the missing certificate at https://ssl-tools.net/certificates/vqgvhb-thawte-dv-ssl-ca (found by searching for the fingerprint given in the report from SSLLabs). Download the file in PEM format, i.e. https://ssl-tools.net/certificates/3ca958f3e7d6837e1c1acf8b0f6a2e6d487d6762.pem.
    • Download the root certificate at https://ssl-tools.net/certificates/91c6d6ee3e8ac86384e548c299295c756c817b81.pem (also found by searching for fingerprint).
    • Cat both files together into a new file chain.pem. Make sure that each of the files did end with a valid end of line character (which they do not as downloaded). The resulting file should look like this.

    • Modify your call to

      requests.get('https://www.reporo.com/', verify = 'chain.pem')
    0 讨论(0)
  • 北恋
    2020-11-30 10:39

    Ran into similar issue and fixed by following:

    pip install -U requests[security]
    0 讨论(0)
 看不清?
提交回复
热议问题