我有一个应用程序,我正在使用文档here进行自签名证书.

应用程序将该密钥库加载到jetty配置中并正确加载,并在浏览到站点时收到不可信证书的警告.

然后我想使用python连接到它,我已经尝试了生成cert,pem等的所有变体.我做的任何东西都让我连接.只需执行以下操作 –

import requests
requests.get('https://servername:8443', cert=('path\
\to\\cert\\app.cert', '\\\\path\\to\\keystore\\keystore'))

给我以下追溯 –

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "C:\Python27\lib\site-packages\requests\api.py", line 69, in get
    return request('get', url, params=params, **kwargs)
  File "C:\Python27\lib\site-packages\requests\api.py", line 50, in request
    response = session.request(method=method, url=url, **kwargs)
  File "C:\Python27\lib\site-packages\requests\sessions.py", line 465, in request
    resp = self.send(prep, **send_kwargs)
  File "C:\Python27\lib\site-packages\requests\sessions.py", line 573, in send
    r = adapter.send(request, **kwargs)
  File "C:\Python27\lib\site-packages\requests\adapters.py", line 431, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL] PEM lib (_ssl.c:2580)

解决方法:

请求中的cert用于客户端站点证书,而不是CA存储.使用verify参数指定CA文件,例如：

requests.get('https://www.example.com', verify='/etc/ssl/certs/ca-certificates.crt')