Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/amazon-web-services/12.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Python AWS物联网数据:证书验证失败_Python_Amazon Web Services_Ssl_Boto3_Client Certificates - Fatal编程技术网
Fatal编程技术网
  • python/
  • Python AWS物联网数据:证书验证失败

Python AWS物联网数据:证书验证失败

python amazon-web-services ssl

Python AWS物联网数据:证书验证失败,python,amazon-web-services,ssl,boto3,client-certificates,Python,Amazon Web Services,Ssl,Boto3,Client Certificates,我使用python+boto3在bitbucket管道中运行AWS IOT的测试脚本 直到最近,它工作正常,现在我发现以下错误: Traceback (most recent call last): File "/localDebugRepo/tests/aws/test_iot_api.py", line 119, in test_set_get_owner self.iot_util.set_owner(owner, self.test_thing) Fi

我使用python+boto3在bitbucket管道中运行AWS IOT的测试脚本

直到最近,它工作正常,现在我发现以下错误:

Traceback (most recent call last):
  File "/localDebugRepo/tests/aws/test_iot_api.py", line 119, in test_set_get_owner
    self.iot_util.set_owner(owner, self.test_thing)
  File "/localDebugRepo/aws/iot_api.py", line 176, in set_owner
    self.iot_data.update_thing_shadow(thingName=thing, payload=payload)
  File "/usr/local/lib/python3.6/site-packages/botocore/client.py", line 357, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/usr/local/lib/python3.6/site-packages/botocore/client.py", line 663, in _make_api_call
    operation_model, request_dict, request_context)
  File "/usr/local/lib/python3.6/site-packages/botocore/client.py", line 682, in _make_request
    return self._endpoint.make_request(operation_model, request_dict)
  File "/usr/local/lib/python3.6/site-packages/botocore/endpoint.py", line 102, in make_request
    return self._send_request(request_dict, operation_model)
  File "/usr/local/lib/python3.6/site-packages/botocore/endpoint.py", line 137, in _send_request
    success_response, exception):
  File "/usr/local/lib/python3.6/site-packages/botocore/endpoint.py", line 256, in _needs_retry
    caught_exception=caught_exception, request_dict=request_dict)
  File "/usr/local/lib/python3.6/site-packages/botocore/hooks.py", line 356, in emit
    return self._emitter.emit(aliased_event_name, **kwargs)
  File "/usr/local/lib/python3.6/site-packages/botocore/hooks.py", line 228, in emit
    return self._emit(event_name, kwargs)
  File "/usr/local/lib/python3.6/site-packages/botocore/hooks.py", line 211, in _emit
    response = handler(**kwargs)
  File "/usr/local/lib/python3.6/site-packages/botocore/retryhandler.py", line 183, in __call__
    if self._checker(attempts, response, caught_exception):
  File "/usr/local/lib/python3.6/site-packages/botocore/retryhandler.py", line 251, in __call__
    caught_exception)
  File "/usr/local/lib/python3.6/site-packages/botocore/retryhandler.py", line 277, in _should_retry
    return self._checker(attempt_number, response, caught_exception)
  File "/usr/local/lib/python3.6/site-packages/botocore/retryhandler.py", line 317, in __call__
    caught_exception)
  File "/usr/local/lib/python3.6/site-packages/botocore/retryhandler.py", line 223, in __call__
    attempt_number, caught_exception)
  File "/usr/local/lib/python3.6/site-packages/botocore/retryhandler.py", line 359, in _check_caught_exception
    raise caught_exception
  File "/usr/local/lib/python3.6/site-packages/botocore/endpoint.py", line 200, in _do_get_response
    http_response = self._send(request)
  File "/usr/local/lib/python3.6/site-packages/botocore/endpoint.py", line 269, in _send
    return self.http_session.send(request)
  File "/usr/local/lib/python3.6/site-packages/botocore/httpsession.py", line 281, in send
    raise SSLError(endpoint_url=request.url, error=e)
botocore.exceptions.SSLError: SSL validation failed for https://data.iot.eu-central-1.amazonaws.com/things/thing-unittest/shadow [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)
虽然我无法在本地系统上复制此错误,但使用默认的python:3.6.4 docker映像复制错误是成功的,这表明可能存在无效证书

有趣的是,在管道中成功运行以下命令: openssl s_客户端-connect data.iot.eu-central-1.amazonaws.com:443

root@f30a34330be5:/localDebugRepo# openssl s_client -connect data.iot.eu-central-1.amazonaws.com:443
CONNECTED(00000003)
depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5
verify return:1
depth=1 C = US, O = Symantec Corporation, OU = Symantec Trust Network, CN = Symantec Class 3 Secure Server CA - G4
verify return:1
depth=0 C = US, ST = Washington, L = Seattle, O = "Amazon.com, Inc.", CN = *.iot.eu-central-1.amazonaws.com
verify return:1
140686038922896:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
---
Certificate chain
 0 s:/C=US/ST=Washington/L=Seattle/O=Amazon.com, Inc./CN=*.iot.eu-central-1.amazonaws.com
   i:/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
 1 s:/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
---
任何关于如何进一步调试此程序的建议都将受到极大的赞赏。

看来AWS在过去几个小时内的证书都不好。 我没有订阅支持层,所以我不知道如何告诉他们。 我也遇到了同样的问题;boto3报告坏证书(您可以在浏览器中验证)

我所有的物联网功能都会受到影响,但如果我在本地运行它(而不是以lambda的形式),它似乎可以工作

也许有人有办法告诉亚马逊他们的小问题

编辑:

见: 和 为了解决这个问题。您不应该使用默认值来创建数据平面客户端,因为certifi(python)已修复为忽略URL的Symantec CA,而Amazon不会修复它。

有关其他人如何解决此问题的详细信息,请参阅。出于某种原因,AWS正在使用Symantec证书。