【发布时间】:2011-08-19 06:39:06
【问题描述】:
我正在尝试使用 PEM 证书发布 HTTPS 请求,如下所示:
import httplib
CERT_FILE = '/path/certif.pem'
conn = httplib.HTTPSConnection('10.10.10.10','443', cert_file =CERT_FILE)
conn.request("POST", "/")
response = conn.getresponse()
print response.status, response.reason
conn.close()
我有以下错误:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python2.6/httplib.py", line 914, in request
self._send_request(method, url, body, headers)
File "/usr/lib/python2.6/httplib.py", line 951, in _send_request
self.endheaders()
File "/usr/lib/python2.6/httplib.py", line 908, in endheaders
self._send_output()
File "/usr/lib/python2.6/httplib.py", line 780, in _send_output
self.send(msg)
File "/usr/lib/python2.6/httplib.py", line 739, in send
self.connect()
File "/usr/lib/python2.6/httplib.py", line 1116, in connect
self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file)
File "/usr/lib/python2.6/ssl.py", line 338, in wrap_socket
suppress_ragged_eofs=suppress_ragged_eofs)
File "/usr/lib/python2.6/ssl.py", line 118, in __init__
cert_reqs, ssl_version, ca_certs)
ssl.SSLError: [Errno 336265225] _ssl.c:339: error:140B0009:SSL
routines:**SSL_CTX_use_PrivateKey_file**:PEM lib
当我从 httplib 中删除 cert_file 时,我得到以下响应:
200 ok
当我添加带有空 post 有效负载的 Authentication 标头(如 MattH 建议的)时,它也可以工作。
但是,当我将良好的请求与 Path、Body 和 Header 一起提出时,如下所示(我简化了它们......)
body = '<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">blablabla</S:Envelope>'
URLprov = "/syncaxis2/services/XXXsyncService"
auth_header = 'Basic %s' % (":".join(["xxx","xxxxx"]).encode('Base64').strip('\r\n'))
conn.request("POST",URLprov,body,{'Authenticate':auth_header})
我有 401 Unauthorized response!
如您所见,首先,我被要求提供 PrivateKey !如果我是客户,为什么需要 PrivateKey?然后,当我删除 PrivateKey 和证书,并放置 Path/Body/headers 时,我有 401 Unauthorized 错误消息 WWW-Authenticate: Basic realm="SYNCNB Server Realm"。
谁能解释一下这个问题?在 Python 中是否有另一种使用证书发送 HTTPS 请求的方法?
【问题讨论】:
标签: python ssl https certificate