问题
I'm trying to connect jira's API via python (3.6) and i keep getting error message:
WARNING:root:HTTPSConnectionPool(host='jira', port=443): Max retries exceeded with url: /secure/rest/api/2/serverInfo/rest/api/2/serverInfo (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)) while doing GET https://jira/secure/rest/api/2/serverInfo/rest/api/2/serverInfo [{'params': None, 'headers': {'User-Agent': 'python-requests/2.20.1', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json,.;q=0.9', 'Connection': 'keep-alive', 'Cache-Control': 'no-cache', 'Content-Type': 'application/json', 'X-Atlassian-Token': 'no-check'}}] WARNING:root:Got ConnectionError [HTTPSConnectionPool(host='jira', port=443): Max retries exceeded with url: /secure/rest/api/2/serverInfo/rest/api/2/serverInfo (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))] errno:None on GET https://jira/secure/rest/api/2/serverInfo/rest/api/2/serverInfo {'response': None, 'request': <PreparedRequest [GET]>}{'response': None, 'request': <PreparedRequest [GET]>} WARNING:root:Got recoverable error from GET https://jira/secure/rest/api/2/serverInfo/rest/api/2/serverInfo, will retry [1/3] in 7.466325591185807s. Err: HTTPSConnectionPool(host='jira', port=443): Max retries exceeded with url: /secure/rest/api/2/serverInfo/rest/api/2/serverInfo (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
This is my code:
un='myusername'
pwd='mypassword'
server='https://jira/xxxx'
jira = jira = JIRA(basic_auth=(un, pwd), options={'server': server})
issue = jira.issue('some issue name')
print(issue.fields.project.key)
print(issue.fields.issuetype.name)
When using curl to the same server everything works good.
回答1:
You can provide the necessary certificate to the verify option.
jira-python uses Requests for HTTP(docs).
According to Requests documentation
you can specify a path to a certificate file in verify.
So you can provide the root certificate in verify like so:
jira_options = {
'server': jira_server_name,
'verify': 'path/to/root/certificate',
}
So in your case just change to this:
jira = jira = JIRA(basic_auth=(un, pwd), options={'server': server,'verify': 'path/to/root/certificate',})
In Chrome for example you can show the certificate as described in this article
EDIT:
Connect to your server in Chrome and click on the lock shown in the left-hand corner of address bar and right-click that lock, then click 'details', then 'view certificate'. Then save this cert to file and refer to it in verify.
From the docs:
SSL CERT VERIFICATION:
If verify is set to a path to a directory, the directory must have been processed using the c_rehash utility supplied with OpenSSL.
CLIENT SIDE CERTIFICATES:
The private key to your local certificate must be unencrypted. Currently, Requests does not support using encrypted keys.
There's also the option to set 'verify':false - thou it's not recommended since turning off certificate verification leaves you vulnerable for Man-in-the-Middle attacks.
来源:https://stackoverflow.com/questions/53497457/python-cant-connect-jira-api-via