写了一个小程序,简单测试一个基于HTTPBasicAuthorization的REST API,结果该程序在Windows机器上报错:
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
在Linux机器上报错:
"bad handshake: Error([('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')],)"
小程序如下:
#!/bin/python
import requests
from requests.auth import HTTPBasicAuth
from pprint import pprint
my_url = 'https://192.168.12.34/nodes'
def main():
try:
r = requests.get(my_url,
auth=HTTPBasicAuth('username', 'passw0rd'))
pprint(r.status_code)
pprint(r.json())
except Exception as ex:
print("Exception: {ex}".format(ex=ex))
if __name__ == '__main__':
main()
经过一番折腾,发现解决方案就是在get函数的参数里面加上 verify=False
而root cause是那个被测试站点给出的证书被认为是有问题的,所以需要verify=False去pass这个错误。
但是,这样依旧还不够,因为用了verify=False的缘故,每次连接都会有一大段warning信息打印出来,提示连接安全性的问题。在确保安全的情况下,如何disable这段提示信息呢?加上一句话即可:requests.packages.urllib3.disable_warnings()
最终代码如下:
#!/bin/python
import requests
from requests.auth import HTTPBasicAuth
from pprint import pprint
my_url = 'https://192.168.12.34/nodes'
def main():
try:
requests.packages.urllib3.disable_warnings()
r = requests.get(my_url,
auth=HTTPBasicAuth('username', 'passw0rd'),
verify=False)
pprint(r.status_code)
pprint(r.json())
except Exception as ex:
print("Exception: {ex}".format(ex=ex))
if __name__ == '__main__':
main()