问题
I know how to connect to my owncloud with python, by using easywebdav.
I'm using a selfsigned certificate and verify_ssl=False, but that makes me vulnerable to man-in-the-middle attacks, the only reason to use ssl in the first place.
I'm using Fedora and tried adding my servers certificate to $HOME/.pki/CA/cacert.pem, but it still fails.
回答1:
You already have your server certificate in $HOME/.pki/CA/cacert.pem. But to be complete for others, you can get a certificate with python like this:
import ssl
import os
# get the https certificate
cert = ssl.get_server_certificate(('example.com', 443))
# append it to my personal chain
pem_path = os.path.expanduser('~/.pki/CA/cacert.pem')
with open(pem_path, 'a+') as f:
f.write(cert)
Then to use it in easywebdav. Easywebdav builds on requests. And the verify_ssl is used as requests.Session.verify Requests docs say it accepts a boolean (True uses the default chain) or a path to a CA_BUNDLE.
So this should work:
import easywebdav
pem_path = os.path.expanduser('~/.pki/CA/cacert.pem')
webdav = easywebdav.connect('example.com', username='user', password='pass',
protocol='https', port=443,
verify_ssl=pem_path)
...
来源:https://stackoverflow.com/questions/23767304/how-can-i-verify-my-selfsigned-certificate-when-using-easywebdav