“SSL: CERTIFICATE_VERIFY_FAILED”错误

我得到以下错误:

Exception in thread Thread-3:
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/threading.py", line 810, in        __bootstrap_inner
self.run()
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/threading.py", line 763, in  run
self.__target(*self.__args, **self.__kwargs)
File "/Users/Matthew/Desktop/Skypebot 2.0/bot.py", line 271, in process
info = urllib2.urlopen(req).read()
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 431, in open
response = self._open(req, data)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 449, in _open
'_open', req)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 409, in _call_chain
result = func(*args)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 1240, in https_open
context=self._context)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 1197, in do_open
raise URLError(err)
URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)>

下面是导致这个错误的代码:

if input.startswith("!web"):
    input = input.replace("!web ", "")      
    url = "https://domainsearch.p.mashape.com/index.php?name=" + input
    req = urllib2.Request(url, headers={ 'X-Mashape-Key': 'XXXXXXXXXXXXXXXXXXXX' })
    info = urllib2.urlopen(req).read()
    Message.Chat.SendMessage ("" + info)

我正在使用的API要求我使用HTTPS。我怎样才能让它绕过验证呢?

当前回答

The SSL: CERTIFICATE_VERIFY_FAILED error could also occur because an Intermediate Certificate is missing in the ca-certificates package on Linux. For example, in my case the intermediate certificate "DigiCert SHA2 Secure Server CA" was missing in the ca-certificates package even though the Firefox browser includes it. You can find out which certificate is missing by directly running the wget command on the URL causing this error. Then you can search for the corresponding link to the CRT file for this certificate from the official website (e.g. https://www.digicert.com/digicert-root-certificates.htm in my case) of the Certificate Authority. Now, to include the certificate that is missing in your case, you may run the below commands using your CRT file download link instead:

wget https://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

mv DigiCertSHA2SecureServerCA.crt DigiCertSHA2SecureServerCA.der

openssl x509 -inform DER -outform PEM -in DigiCertSHA2SecureServerCA.der -out DigicertSHA2SecureServerCA.pem.crt

sudo mkdir /usr/share/ca-certificates/extra

sudo cp DigicertSHA2SecureServerCA.pem.crt /usr/share/ca-certificates/extra/

sudo dpkg-reconfigure ca-certificates

在此之后，您可以再次使用wget测试URL，也可以使用python urllib包进行测试。详情请参考:https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1795242

2020-05-22 09:04:57

其他回答

wget https://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

mv DigiCertSHA2SecureServerCA.crt DigiCertSHA2SecureServerCA.der

openssl x509 -inform DER -outform PEM -in DigiCertSHA2SecureServerCA.der -out DigicertSHA2SecureServerCA.pem.crt

sudo mkdir /usr/share/ca-certificates/extra

sudo cp DigicertSHA2SecureServerCA.pem.crt /usr/share/ca-certificates/extra/

sudo dpkg-reconfigure ca-certificates

在此之后，您可以再次使用wget测试URL，也可以使用python urllib包进行测试。详情请参考:https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1795242

2020-05-22 09:04:57

像你一样，我在我的旧iMac (OS X 10.6.8)上使用python 2.7，我也遇到了这个问题，使用urllib2。urlopen:

urlopen error [SSL: CERTIFICATE_VERIFY_FAILED]

我的程序运行得很好，没有SSL证书问题，突然(在下载程序后)，它们因SSL错误而崩溃。

问题是使用的python版本:

https://www.python.org/downloads和python-2.7.9-macosx10.6.pkg没有问题 Homebrew工具安装的“brew install python”有问题，版本位于/usr/local/bin。

在/Applications/Python 2.7/ReadMe.rtf中，有一章名为证书验证和OpenSSL[已更改为Python 2.7.9]，详细解释了这个问题。

因此，检查，下载并将正确版本的python放入您的PATH中。

2015-05-13 08:52:16

Python 2.7.12(默认，2016年7月29日，15:26:22)修复了上述问题。这个信息可能会帮助到其他人。

2016-07-29 20:09:30

Amazon EC2上的Python 2.7，附带centOS 7

我必须设置env变量SSL_CERT_DIR指向我的ca-bundle，它位于/etc/ssl/certs/ca-bundle.crt

2018-05-18 22:40:41

这不是您特定问题的解决方案，但我把它放在这里是因为这个线程是“SSL: CERTIFICATE_VERIFY_FAILED”的顶部谷歌结果，它导致我在一个徒劳的追逐。

If you have installed Python 3.6 on OSX and are getting the "SSL: CERTIFICATE_VERIFY_FAILED" error when trying to connect to an https:// site, it's probably because Python 3.6 on OSX has no certificates at all, and can't validate any SSL connections. This is a change for 3.6 on OSX, and requires a post-install step, which installs the certifi package of certificates. This is documented in the file ReadMe.rtf, which you can find at /Applications/Python\ 3.6/ReadMe.rtf (see also the file Conclusion.rtf, and the script build-installer.py that generates the macOS installer).

ReadMe会让你运行安装后的脚本

/Applications/Python\ 3.10/Install\ Certificates.command(终端应用程序，这个命令应该单独解决问题。请确保使用当前的subversion更新文件路径。)

(它的源是install_certificates.command)，其中:

首先安装Python包certifi，然后然后创建一个从OpenSSL证书文件到包certificate安装的证书文件的符号链接。

发布说明有更多信息:https://www.python.org/downloads/release/python-360/

在较新的Python版本中，有更多关于此的文档:

https://github.com/python/cpython/blob/e05a703848473b0365886dcc593cbddc46609f29/Mac/BuildScript/resources/ReadMe.rtf#L22-L34 https://github.com/python/cpython/blob/e05a703848473b0365886dcc593cbddc46609f29/Mac/BuildScript/resources/Conclusion.rtf#L15-L19 https://github.com/python/cpython/blob/e05a703848473b0365886dcc593cbddc46609f29/Mac/BuildScript/resources/Welcome.rtf#L23-L25 https://github.com/python/cpython/blob/e05a703848473b0365886dcc593cbddc46609f29/Mac/BuildScript/resources/install_certificates.command https://github.com/python/cpython/blob/e05a703848473b0365886dcc593cbddc46609f29/Mac/BuildScript/README.rst https://github.com/python/cpython/blob/e05a703848473b0365886dcc593cbddc46609f29/Mac/BuildScript/build-installer.py#L239-L246

2017-02-19 23:49:46

“SSL: CERTIFICATE_VERIFY_FAILED”错误

推荐文章

最新文章

标签