0
我們公司的IT安全團隊使用中間證書(ZScaler)來驗證SSL流量。這會對使用SSL的任何實用程序或API封裝器造成問題,例如httplib2的,請求等Python SSL的系統級解決方案:CERTIFICATE_VERIFY_FAILED
我已經找到了當我代碼調用的模塊,例如解決方案ssl_verify=False
等等,但問題是當這些庫被調用時,在其他人的代碼的隱藏深處。
例如:
service = googleapiclient.discovery.build('vision', 'v1')
它拋出的錯誤:
---------------------------------------------------------------------------
SSLHandshakeError Traceback (most recent call last)
<ipython-input-4-70a8fbe53fc9> in <module>()
----> 1 service = googleapiclient.discovery.build('vision', 'v1')
/usr/local/anaconda/lib/python2.7/site-packages/oauth2client/_helpers.pyc in positional_wrapper(*args, **kwargs)
131 elif positional_parameters_enforcement == POSITIONAL_WARNING:
132 logger.warning(message)
--> 133 return wrapped(*args, **kwargs)
134 return positional_wrapper
135
/usr/local/anaconda/lib/python2.7/site-packages/googleapiclient/discovery.pyc in build(serviceName, version, http, discoveryServiceUrl, developerKey, model, requestBuilder, credentials, cache_discovery, cache)
226 try:
227 content = _retrieve_discovery_doc(
--> 228 requested_url, discovery_http, cache_discovery, cache)
229 return build_from_document(content, base=discovery_url, http=http,
230 developerKey=developerKey, model=model, requestBuilder=requestBuilder,
/usr/local/anaconda/lib/python2.7/site-packages/googleapiclient/discovery.pyc in _retrieve_discovery_doc(url, http, cache_discovery, cache)
273 logger.info('URL being requested: GET %s', actual_url)
274
--> 275 resp, content = http.request(actual_url)
276
277 if resp.status >= 400:
/usr/local/anaconda/lib/python2.7/site-packages/httplib2/__init__.pyc in request(self, uri, method, body, headers, redirections, connection_type)
1657 content = ""
1658 else:
-> 1659 (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)
1660 except Exception, e:
1661 if self.force_exception_to_status_code:
/usr/local/anaconda/lib/python2.7/site-packages/httplib2/__init__.pyc in _request(self, conn, host, absolute_uri, request_uri, method, body, headers, redirections, cachekey)
1397 auth.request(method, request_uri, headers, body)
1398
-> 1399 (response, content) = self._conn_request(conn, request_uri, method, body, headers)
1400
1401 if auth:
/usr/local/anaconda/lib/python2.7/site-packages/httplib2/__init__.pyc in _conn_request(self, conn, request_uri, method, body, headers)
1317 try:
1318 if hasattr(conn, 'sock') and conn.sock is None:
-> 1319 conn.connect()
1320 conn.request(method, request_uri, body, headers)
1321 except socket.timeout:
/usr/local/anaconda/lib/python2.7/site-packages/httplib2/__init__.pyc in connect(self)
1090 # something else (such as SSL protocol mismatch).
1091 if getattr(e, 'errno', None) == ssl.SSL_ERROR_SSL:
-> 1092 raise SSLHandshakeError(e)
1093 else:
1094 raise
SSLHandshakeError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)
是否有一個系統範圍的或全球定爲這樣的問題?
你試過指向貴公司/在Zscaler當你建立你的http對象的證書?看看這個答案:https://stackoverflow.com/a/27856913 – MACanazon