ubuntu 20.04启用TLSv1
问题描述
在运行python爬虫的过程中出现了以下报错:
requests.exceptions.SSLError: HTTPSConnectionPool(host=’***’,
port=443): Max retries exceeded with url: *** (Caused by
SSLError(SSLError(1, ‘[SSL: UNSUPPORTED_PROTOCOL] unsupported protocol
(_ssl.c:1123)’)))
问题解决
这个问题的原因是在Ubuntu的最新版本中进行了强化,以提高TLS的安全性要求,禁用了TLSv1。
解决这个问题需要修改 openssl。
vim /etc/ssl/openssl.cnf
首先在第一行加上 openssl_conf = default_conf
之后再文件结尾加上
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT@SECLEVEL=1
此时再次运行爬虫代码,只会出现警告
/usr/lib/python3/dist-packages/urllib3/connectionpool.py:999: InsecureRequestWarning: Unverified HTTPS request is being made to host 'libreserve.sau.edu.cn'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
warnings.warn(