我正在使用来自 http://twistedmatrix.com/documents/current/core/howto/ssl.html 的 check_server_certificate.py 代码示例 为了从公共(public)服务器获取证书。
from __future__ import print_function
import sys
from twisted.internet import defer, endpoints, protocol, ssl, task, error
def main(reactor, host, port=443):
options = ssl.optionsForClientTLS(hostname=host.decode('utf-8'))
port = int(port)
class ShowCertificate(protocol.Protocol):
def connectionMade(self):
self.transport.write(b"GET / HTTP/1.0\r\n\r\n")
self.done = defer.Deferred()
def dataReceived(self, data):
certificate = ssl.Certificate(self.transport.getPeerCertificate())
print("OK:", certificate)
self.transport.abortConnection()
def connectionLost(self, reason):
print("Lost.")
if not reason.check(error.ConnectionClosed):
print("BAD:", reason.value)
self.done.callback(None)
return endpoints.connectProtocol(
endpoints.SSL4ClientEndpoint(reactor, host, port, options),
ShowCertificate()
).addCallback(lambda protocol: protocol.done)
task.react(main, sys.argv[1:])
已经从 PyPI 安装了必要的“service_identity”和“idna”包,但仍然出现此错误:
$ python check_server_certificate.py www.twistedmatrix.com
Lost.
BAD: [('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')]
有什么想法吗?
最佳答案
SSL_CERT_FILE = "$(python -m certifi)"
python check_server_certificate.py www.twistedmatrix.com
尝试使用它,它对我有用。
关于Python Twisted : SSL routines , ssl3_get_server_certificate 错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31794102/