开发测试的时候,我们经常需要倒退时间。倒推时间,请求https相关资源的时候,自然引起证书的问题:
return self.__request(url)
File "build/bdist.linux-x86_64/egg/curl/__init__.py", line 87, in __request
self.handle.perform()
error: (60, 'Peer certificate cannot be authenticated with known CA certificates')
curl -v https://api.weixin.qq.com/sns/oauth2/access_token
* About to connect() to api.weixin.qq.com port 443 (#0)
* Trying 183.61.49.149... connected
* Connected to api.weixin.qq.com (183.61.49.149) port 443 (#0)
* Initializing NSS with certpath: /etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* Remote Certificate has expired.
* NSS error -8181
* Closing connection #0
* Peer certificate cannot be authenticated with known CA certificates
curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
证书过期了,最简单的办法,就是不验证证书。如下:
#coding=utf8
#!/bin/python2.6
import pycurl
import curl
url = "https://api.weixin.qq.com/sns/oauth2/access_token"
cc = curl.Curl()
cc.set_option(pycurl.SSL_VERIFYPEER, 0) # 加这一行
r = cc.get(url)
print r
2296
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
