我正在尝试将Github API与httplib2一起使用。但是当我向它的端点发出请求时,它给了我以下错误:
import httplib2 h = httplib2.Http() h.request('https://api.github.com/gists') # OUT: Traceback (most recent call last): # OUT: File "<input>", line 1, in <module> # OUT: File "/usr/local/lib/python2.7/dist-packages/httplib2/__init__.py", line 1570, in request # OUT: (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey) # OUT: File "/usr/local/lib/python2.7/dist-packages/httplib2/__init__.py", line 1317, in _request # OUT: (response, content) = self._conn_request(conn, request_uri, method, body, headers) # OUT: File "/usr/local/lib/python2.7/dist-packages/httplib2/__init__.py", line 1252, in _conn_request # OUT: conn.connect() # OUT: File "/usr/local/lib/python2.7/dist-packages/httplib2/__init__.py", line 1044, in connect # OUT: raise SSLHandshakeError(e) # OUT: SSLHandshakeError: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
我可以使用以下解决方法:
h = httplib2.Http(disable_ssl_certificate_validation=True) h.request('https://api.github.com/gists') # OUT: ({'content-length': '58443' ...
但这仍然是一种解决方法,我想知道如何使用httplib2为Github正确验证SSL证书。在Google上搜索时,我发现我应该更新cacerts.txt该库,但不知道如何更新Github的证书授权。还是通过https发送请求而没有证书验证问题的其他正确方法?
cacerts.txt
UPD: 最简单的方法是在Firefox中打开GitHub,依次查看页面信息->安全->查看证书->详细信息->导出->作为PEM文件。而且最好使用请求。
从Firefox提供的有关https连接的信息中,我发现GitHub的证书是“ DigiCert高保证EV根CA”,可以在以下位置找到:http : //curl.haxx.se/ca/cacert.pem
证书文本可以粘贴到httplib2.__path__ + '/cacerts.txt'或保存到单独的文件中,然后使用以下方法创建http连接:
httplib2.__path__ + '/cacerts.txt'
h = httplib2.Http(ca_certs='/path/to/that/file')
这也是有关此主题的有用文章。
