如何使用OpenSSL 1.1.1c在python 3.7.4中启用弱密码?
服务器仅支持弱密码。如何通过python连接到服务器 服务器具有以下设置:used sslyze 2-1-3 证书信息: 所容纳之物 签名算法:sha1 公钥算法:RSA 密钥大小:2048 指数:65537 0x100001 DNS主题备选名称:[]如何使用OpenSSL 1.1.1c在python 3.7.4中启用弱密码?,python,python-3.x,encryption,urllib3,Python,Python 3.x,Encryption,Urllib3,服务器仅支持弱密码。如何通过python连接到服务器 服务器具有以下设置:used sslyze 2-1-3 证书信息: 所容纳之物 签名算法:sha1 公钥算法:RSA 密钥大小:2048 指数:65537 0x100001 DNS主题备选名称:[] Trust Hostname Validation: OK - Certificate matches Android CA Store (9.0.0_r9): FAILED - Certif
Trust
Hostname Validation: OK - Certificate matches
Android CA Store (9.0.0_r9): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Java CA Store (jdk-12.0.1): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Mozilla CA Store (2019-03-14): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Windows CA Store (2019-05-27): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain
Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
Verified Chain: ERROR - Could not build verified chain(certificate untrusted?)
Received Chain Contains Anchor: ERROR - Could not build verified chain(certificate untrusted?)
Received Chain Order: OK - Order is valid
Verified Chain contains SHA1: ERROR - Could not build verified chain (certificate untrusted?)
Extensions
OCSP Must-Staple: NOT SUPPORTED - Extension not found
Certificate Transparency: NOT SUPPORTED - Extension not found
OCSP Stapling
NOT SUPPORTED - Server did not send back an OCSP response
TLS 1.2会话恢复支持:
会话ID为:OK-支持5次成功、0次失败、0次错误、5次总尝试
使用TLS票证:不支持-未分配TLS票证
SSLV3密码套件:
前向保密正常-支持
RC4不安全-支持
Preferred:
None - Server followed client cipher suite preference.
Accepted:
TLS_RSA_WITH_RC4_128_SHA 128 bits
TLS_RSA_WITH_RC4_128_MD5 128 bits
TLS_RSA_WITH_DES_CBC_SHA 56 bits
TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits
TLS_RSA_EXPORT_WITH_RC4_40_MD5 40 bits
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 40 bits
TLS_DHE_RSA_WITH_DES_CBC_SHA 56 bits
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits
Preferred:
None - Server followed client cipher suite preference.
Accepted:
TLS_RSA_WITH_RC4_128_SHA 128 bits
TLS_RSA_WITH_RC4_128_MD5 128 bits
TLS_RSA_WITH_DES_CBC_SHA 56 bits
TLS_RSA_WITH_AES_256_CBC_SHA 256 bits
TLS_RSA_WITH_AES_128_CBC_SHA 128 bits
TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits
TLS_RSA_EXPORT_WITH_RC4_40_MD5 40 bits
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 40 bits
TLS_DHE_RSA_WITH_DES_CBC_SHA 56 bits
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits
TLSV1密码套件:
前向保密正常-支持
RC4不安全-支持
Preferred:
None - Server followed client cipher suite preference.
Accepted:
TLS_RSA_WITH_RC4_128_SHA 128 bits
TLS_RSA_WITH_RC4_128_MD5 128 bits
TLS_RSA_WITH_DES_CBC_SHA 56 bits
TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits
TLS_RSA_EXPORT_WITH_RC4_40_MD5 40 bits
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 40 bits
TLS_DHE_RSA_WITH_DES_CBC_SHA 56 bits
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits
Preferred:
None - Server followed client cipher suite preference.
Accepted:
TLS_RSA_WITH_RC4_128_SHA 128 bits
TLS_RSA_WITH_RC4_128_MD5 128 bits
TLS_RSA_WITH_DES_CBC_SHA 56 bits
TLS_RSA_WITH_AES_256_CBC_SHA 256 bits
TLS_RSA_WITH_AES_128_CBC_SHA 128 bits
TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits
TLS_RSA_EXPORT_WITH_RC4_40_MD5 40 bits
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 40 bits
TLS_DHE_RSA_WITH_DES_CBC_SHA 56 bits
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits
我的Python代码:
class noSSLVerification(HttpAuthenticated):
def u2handlers(self):
# use handlers from superclass
handlers = HttpAuthenticated.u2handlers(self)
ctx = ssl._create_unverified_context()
ctx.options &= ~ssl.OP_ALL
ctx.options &= ~ssl.OP_NO_SSLv3
ctx.options &= ~ssl.OP_NO_COMPRESSION
ctx.options &= ~ssl.OP_CIPHER_SERVER_PREFERENCE
# https://www.openssl.org/docs/manmaster/man1/ciphers.html#CIPHER-LIST-FORMAT
# https://www.mkssoftware.com/docs/man1/openssl_ciphers.1.asp
cipher = "RC4-MD5:RC4-SHA:DES-CBC-SHA:DES-CBC3-SHA:EXP-RC4-MD5:EXP-DES-CBC-SHA:ADH-DES-CBC3-SHA:TLSv1.0:SSLv3"
ctx.set_ciphers(cipher)
handlers.append(HTTPSHandler(context=ctx))
return handlers
url = "https://..."
transport = noSSLVerification()
client = Client(url, transport=transport)
我知道使用其他证书更好,但有时没有选择:
ctx = ssl.SSLContext()
ctx.set_ciphers('ALL:@SECLEVEL=0')
我知道这是非常粗鲁的解决办法。使用它作为起点我知道使用另一个证书更好,但有时没有选择:
ctx = ssl.SSLContext()
ctx.set_ciphers('ALL:@SECLEVEL=0')
我知道这是非常粗鲁的解决办法。使用它作为起点您好,我尝试了您的方法,但不幸的是我仍然收到错误消息self.[sslobj.do\u handshake ssl.SSLError:[ssl]未知错误\u ssl.c:1076Hi,我尝试了您的方法,但不幸的是我仍然收到错误消息self.[sslobj.do\u handshake ssl.SSLError:[ssl]未知错误\u ssl.c:1076