{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 太酷不给撩 的问题《SSLError(“bad handshake”) when trying to access re》','https://www.manongdao.com/q-1378084.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I want to program webservices to exchange data in Python using Zeep. I can access services only with my certificate. I have a PFX certificate, but I converted it to two .pem files.
My code:
from zeep import Client
from zeep.wsse.signature import Signature
import requests
from requests import Session
key_filename ='/.files/cert.key.pem'
cert_filename = './files/cert.crt.pem'
session = Session()
r = requests.get('https:...../PingWs?wsdl',
cert=(cert_filename, key_filename))
print (r)
But I get
> raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='evidim-test.gov.si', port=443):
Max retries exceeded with url: /ws/test/PingWs?wsdl
(Caused by SSLError(SSLError("bad handshake: Error([('SSL routines',
'tls_process_server_certificate', 'certificate verify failed')],)",),))
This error almost certainly means that the remote endpoint is not signed with a certificate in your local certificate authority store. You have two options:
Install the certificate in the CA store that requests uses. By default this is your local system CA store, at least as well as it can be determined by requests.
Configure a different set of certificates to be used on a requests session object.
As an example:
Then I need to make sure that the server CA certificate is in /etc/photon/cacerts.pem. I use this like:
Check your time and date is correct. SSL can give problems if not
Its an issue you will have to resolve by whitelisting the CA certificate used to sign the remote server certificate you are trying to connect to from your system settings. But for the purposes of testing out only, you can turn off the verification using:
Don't use this in production.
Hope it helps!