Python pychef中的ssl证书验证
我正在尝试使用python连接到chef api。我正在使用从python连接到chef 代码如下:Python pychef中的ssl证书验证,python,ssl,chef-infra,pychef,Python,Ssl,Chef Infra,Pychef,我正在尝试使用python连接到chef api。我正在使用从python连接到chef 代码如下: import chef with chef.ChefAPI('https://chef-e.xxxx.com:443/organizations/xxxx', '/root/.chef/rajgourav.pem', 'rajgourav'): n = chef.Node('chef-e.xxxx.com') 我收到以下证书错误: [root@chef-e py]# /appl/pyt
import chef
with chef.ChefAPI('https://chef-e.xxxx.com:443/organizations/xxxx', '/root/.chef/rajgourav.pem', 'rajgourav'):
n = chef.Node('chef-e.xxxx.com')
我收到以下证书错误:
[root@chef-e py]# /appl/python27/bin/python mychef.py
Traceback (most recent call last):
File "mychef.py", line 6, in <module>
n = chef.Node('chef-e.xxxx.com')
File "/appl/python27/lib/python2.7/site-packages/chef/base.py", line 58, in __init__
data = self.api[self.url]
File "/appl/python27/lib/python2.7/site-packages/chef/api.py", line 229, in __getitem__
return self.api_request('GET', path)
File "/appl/python27/lib/python2.7/site-packages/chef/api.py", line 225, in api_request
response = self.request(method, path, headers, data)
File "/appl/python27/lib/python2.7/site-packages/chef/api.py", line 208, in request
response = self._request(method, self.url+path, data, dict((k.capitalize(), v) for k, v in request_headers.iteritems()))
File "/appl/python27/lib/python2.7/site-packages/chef/api.py", line 195, in _request
return urllib2.urlopen(request).read()
File "/appl/python27/lib/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/appl/python27/lib/python2.7/urllib2.py", line 431, in open
response = self._open(req, data)
File "/appl/python27/lib/python2.7/urllib2.py", line 449, in _open
'_open', req)
File "/appl/python27/lib/python2.7/urllib2.py", line 409, in _call_chain
result = func(*args)
File "/appl/python27/lib/python2.7/urllib2.py", line 1240, in https_open
context=self._context)
File "/appl/python27/lib/python2.7/urllib2.py", line 1197, in do_open
raise URLError(err)
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)>
从api.py:
def __init__(self, url, key, client, version='0.10.8', headers={}):
有关我的环境的一些信息:
[root@chef-e py]# /appl/python27/bin/python
Python 2.7.10 (default, Aug 8 2015, 06:25:19)
[GCC 4.4.7 20120313 (Red Hat 4.4.7-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import chef
>>> chef.__version__
(0, 2, 3, 'dev')
>>>
谢谢,
拉吉古拉夫·贾恩有以下签名:
def __init__(self, url, key, client, version='0.10.8', headers={}, ssl_verify=True):
显然,您必须将参数ssl\u verify
设置为False
:
import chef
with chef.ChefAPI(
'https://chef-e.xxxx.com:443/organizations/xxxx',
'/root/.chef/rajgourav.pem',
'rajgourav',
ssl_verify=False):
但事实上,这一点在美国仍然缺失
编辑:事实上,这似乎是一个尚未发布的更改(尚未包含此选项)。因此,要么使用主分支的源代码,要么让作者发布新版本。我还更新了我的答案以反映您的编辑。如何修复对证书的信任,而不是禁用验证?python不能利用SSL\u CERT\u FILE环境变量(或者提供CA列表?)。这意味着将自签名证书添加到此列表中,当然,这可能是更好的方法。我没有使用pychef,所以我不知道确切的细节。根据stacktrace,这是urllib2的问题,不是我自己做python,我只是给出了一个想法,以防您已经不得不处理它;)这有助于解决问题吗?或者你找到了另一种方法吗?我认为这有点混乱,或者你在自己的帖子上发表了评论,而不是提问:)
import chef
with chef.ChefAPI(
'https://chef-e.xxxx.com:443/organizations/xxxx',
'/root/.chef/rajgourav.pem',
'rajgourav',
ssl_verify=False):