多年来我一直在几乎所有项目中使用 python requests 框架,但还没有遇到过这样的问题。
这只发生在网站上www.pagedna.com据我所知。要重现的代码示例非常简单
import requests
requests.get("https://www.pagedna.com")
Chrome/Firefox 浏览器打开此网站,没问题,但上面的代码片段给了我通用 SSL 失败异常
Traceback (most recent call last):
File "inline.py", line 2, in <module>
requests.get("https://www.pagedna.com")
File "/home/rishi/workspace/misc/venvs/mc3.4/lib/python3.4/site-packages/requests/api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "/home/rishi/workspace/misc/venvs/mc3.4/lib/python3.4/site-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/home/rishi/workspace/misc/venvs/mc3.4/lib/python3.4/site-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/home/rishi/workspace/misc/venvs/mc3.4/lib/python3.4/site-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/home/rishi/workspace/misc/venvs/mc3.4/lib/python3.4/site-packages/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='www.pagedna.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
如果我使用 servername 参数,OpenSSL 会为我提供正确的信息
openssl s_client -showcerts -servername www.pagedna.com -connect www.pagedna.com:443
CONNECTED(00000003)
---
Certificate chain
0 s:/OU=Domain Control Validated/CN=*.pagedna.com
i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgIJAJdLy96ULpdIMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa
MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0
cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj
dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE4MDcyNzE4MzUyMloX
DTIwMDkyNTE3MTExMVowOzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRh
dGVkMRYwFAYDVQQDDA0qLnBhZ2VkbmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAt6B/jE5FjTKWdEtNj8oRxzqlk5fGjBfYbsKjdPuSi0t6i0a8
lN9yVYLhLM988s3XXvcU8E9d30aQ51JDjxtkID9VP4z4x8E/fWjGpJZ/Nh1XMrSf
rmIZEXr+SZzUBp2dISIJKgmNNr3vVWS4BmViL7YXxvgZzGiZwQRACkoFdfGkkGcT
h1WOPIYf7nzxyasLvddSN5j6BU4XgiTpdlJSWofXFdMJBFfHoTyLUiH+stMzE4wU
gA+oxKzRqhDHJ+L393i2mv4y2FXiQ0InTqyKRGGuX8zmoPirHCRAmMItk9gmUoi+
/3nDVnUlIG6LOgcXylVbn22W5WXN4iwtZ8TCVwIDAQABo4IDOTCCAzUwDAYDVR0T
AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/
BAQDAgWgMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZ29kYWRkeS5jb20v
Z2RpZzJzMS04NTIuY3JsMF0GA1UdIARWMFQwSAYLYIZIAYb9bQEHFwEwOTA3Bggr
etc...
但是,如果缺少 -servername 选项,它会给我一个不同的证书,我怀疑这是这里的问题。
相关pip安装如下
pyOpenSSL==19.0.0
requests==2.21.0
requests-toolbelt==0.8.0
Using python3.4
这是请求框架错误吗?我应该打开错误报告还是我遗漏了什么?