问题描述
当我尝试运行 tcms-api 模块但遵循给定的步骤时出现以下错误,
https://tcms-api.readthedocs.io/en/latest/modules/tcms_api.html#module-tcms_api
我在 CentOS 中使用 python 3,通过将证书安装到 docker 容器来应用我们自己的域和证书。
[root@KiwiTCMS-Testcase-Portal docker-compose]# python3 test-api.py
Traceback (most recent call last):
File "test-api.py",line 5,in <module>
rpc_client = TCMS()
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/tcms_api/__init__.py",line 123,in __init__
config['tcms']['url']).server
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/tcms_api/xmlrpc.py",line 124,in __init__
self.login(username,password,url)
File "/opt/rh/rh-python36/root/usr/lib/python3.6/site-packages/tcms_api/xmlrpc.py",line 131,in login
self.server.Auth.login(username,password)
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/xmlrpc/client.py",line 1112,in __call__
return self.__send(self.__name,args)
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/xmlrpc/client.py",line 1452,in __request
verbose=self.__verbose
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/xmlrpc/client.py",line 1154,in request
return self.single_request(host,handler,request_body,verbose)
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/xmlrpc/client.py",line 1166,in single_request
http_conn = self.send_request(host,line 1279,in send_request
self.send_content(connection,request_body)
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/xmlrpc/client.py",line 1309,in send_content
connection.endheaders(request_body)
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/http/client.py",line 1282,in endheaders
self._send_output(message_body,encode_chunked=encode_chunked)
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/http/client.py",line 1042,in _send_output
self.send(msg)
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/http/client.py",line 980,in send
self.connect()
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/http/client.py",line 1448,in connect
server_hostname=server_hostname)
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py",line 407,in wrap_socket
_context=self,_session=session)
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py",line 817,in __init__
self.do_handshake()
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py",line 1077,in do_handshake
self._sslobj.do_handshake()
File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py",line 689,in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_Failed] certificate verify Failed (_ssl.c:852)
解决方法
我看到您使用的是 RedHat 的 SoftwareCollections 中的 Python 3.6。该版本包含一个错误(或可以说是一个安全功能),它不尊重上游 Python 中记录的设置,允许您接受不受信任的 SSL 证书。 bugzilla.redhat.com 上报告了很多这样的事情,但我认为他们不会改变它!
这就是我们在测试套件中的做法: https://github.com/kiwitcms/tcms-api/blob/master/tests/krb5/integration_test.py#L18
,引入以下行解决问题,
import ssl
try:
_create_unverified_https_context = ssl._create_unverified_context
except AttributeError:
# Legacy Python that doesn't verify HTTPS certificates by default
pass
else:
# Handle target environment that doesn't support HTTPS verification
ssl._create_default_https_context = _create_unverified_https_context