某些网站对 ssl 1.0 以上的版本支持并不友好,但是 python ssl lib 默认会指定当前OpenSSL支持的最高版本,并且当服务器返回的ssl版本号低于或者等于1.0时, 会出现如下错误
aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host www.mdnkids.com:443 ssl:<ssl.SSLContext object at 0x1096634a8> [None]
看一下错误原因的推断过程,我的操作系统是 Mac OS, 首先用 curl 命令进行尝试
curl 'https://www.mdnkids.com'
curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.mdnkids.com:443
发现 curl 也一样有 ssl error, 那么尝试直接用 openssl 对该域名进行连接
openssl s_client -connect www.mdnkids.com:443 -msg
# if fail, try openssl s_client -CApath /usr/local/etc/openssl/certs -connect www.mdnkids.com:443 -msg
==> TLS 1.2 Handshake [length 0139], ClientHello
==> ...
==> TLS 1.0 Handshake [length 004a], ServerHello
==> TLS 1.0 Handshake [length 0c0a], Certificate
==> ...
=