ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] 证书验证失败:无法获取本地颁发者证书 (_ssl.c:1108)

【问题标题】:ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108)ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] 证书验证失败:无法获取本地颁发者证书 (_ssl.c:1108)
【发布时间】:2020-03-31 17:50:45
【问题描述】:

我正在尝试运行一个简单的 python 脚本来访问 WINDOWS 中 minio 服务器中的 s3 存储桶。服务器正在使用自签名证书。 SSL 握手有错误。我已经尝试了所有可能的方法来纠正它,但它仍然抛出错误。

我的python脚本 从 minio 导入 Minio

from minio.error import (ResponseError, BucketAlreadyOwnedByYou,
                     BucketAlreadyExists)


def new():

minioClient = Minio('10.177.218.8:9000',access_key='minio_key',secret_key='password',secure=True)

buckets = minioClient.list_buckets();

for bucket in buckets:
    print(bucket.name, bucket.creation_date)

 new()

这是我遇到的错误

 File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8-               
 py3.8.egg\urllib3\connectionpool.py", line 665, in urlopen
httplib_response = self._make_request(
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8-     
py3.8.egg\urllib3\connectionpool.py", line 376, in _make_request
self._validate_conn(conn)
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8- 
py3.8.egg\urllib3\connectionpool.py", line 994, in _validate_conn
conn.connect()
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8- 
py3.8.egg\urllib3\connection.py", line 352, in connect
self.sock = ssl_wrap_socket(
 File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8- 
py3.8.egg\urllib3\util\ssl_.py", line 383, in ssl_wrap_socket
return context.wrap_socket(sock)
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\ssl.py", line 500, in wrap_socket
return self.sslsocket_class._create(
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\ssl.py", line 1040, in _create
self.do_handshake()
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\ssl.py", line 1309, in 
 do_handshake
self._sslobj.do_handshake() 
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to 
get local issuer certificate (_ssl.c:1108)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "C:\Users\Admin\Documents\S3\new.py", line 21, in <module>
new()
File "C:\Users\Admin\Documents\S3\new.py", line 11, in new
buckets = minioClient.list_buckets();
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\minio-5.0.9- 
py3.8.egg\minio\api.py", line 427, in list_buckets
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8- 
py3.8.egg\urllib3\poolmanager.py", line 330, in urlopen
response = conn.urlopen(method, u.request_uri, **kw)
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8- 
py3.8.egg\urllib3\connectionpool.py", line 747, in urlopen
 return self.urlopen(
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8- 
py3.8.egg\urllib3\connectionpool.py", line 747, in urlopen
return self.urlopen(
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8- 
py3.8.egg\urllib3\connectionpool.py", line 747, in urlopen
return self.urlopen(
[Previous line repeated 2 more times]
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8- 
py3.8.egg\urllib3\connectionpool.py", line 719, in urlopen
retries = retries.increment(
File "C:\Users\Admin\AppData\Local\Programs\Python\Python38-32\lib\site-packages\urllib3-1.25.8- 
py3.8.egg\urllib3\util\retry.py", line 436, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='10.177.218.8', port=9000): Max retries 
exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: 
CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate 
(_ssl.c:1108)')))

我还在受信任的商店中安装了证书。如何在 WINDOWS 中解决这个问题?

【问题讨论】:

    标签: ssl minio


    【解决方案1】:

    通过执行以下操作,我终于能够更正 Windows 上的 SSL VERIFY 错误:

    1. 执行print(requests.certs.where())并复制完整的文件路径。
    2. 像这样在脚本中创建一个变量并粘贴文件路径:

    cafile = r'lib\site-packages\certifi\cacert.pem'

    1. 执行请求并将验证设置为新变量:page = requests.get(URL_STRING, verify=cafile)

    尽可能不要设置verify = False

    也许这也能拯救一些其他 SSL 疲惫的灵魂。

    【讨论】:

      【解决方案2】:

      简单的解决方案,使用 Minio 的自定义 httpClient:

      import urllib3

httpClient = urllib3.PoolManager()

minioClient = Minio(....,
                    .....
                    access_key=...,
                    secret_key=...,
                    http_client = httpClient)

      【讨论】:

        猜你喜欢
        • 2020-12-13
        • 2020-04-12
        • 2021-09-17
        • 2021-11-25
        • 1970-01-01
        • 2020-04-06
        • 2020-03-04
        • 1970-01-01
        • 1970-01-01
        相关资源
        最近更新 更多
        热门标签
        Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode