更新时间:2022-03-06 22:13:57
当您通过浏览器访问URL时,您的浏览器将成为客户端服务器成为托管哪个Web站点。现在,由于您已经为浏览器导入了CA证书,这就是为什么网站在浏览器中无错误地打开的原因。
When you access URL through browser, you browser becomes client and server becomes on which Web site is hosted. Now, since you have imported CA certificate for browser, that's why web site is opening without error in browser.
现在,当您从python脚本打开同一个网站时,客户端成为你的python脚本,它不知道这个CA证书。 Python脚本不使用 Windows证书存储,因此您必须指定要对其进行证书验证的 CA证书。
Now, when you open same website from your python script, client becomes your python script and it is not aware of this CA certificate. Python script do not use the Windows Certificate Store, so you will have to specify a CA certificate against which the certificate verification will be done.
所以,你明确告诉脚本有关CA证书的内容如下:
So, you have tell explicitly to script regarding CA certificate which can as follow:
urllib2.urlopen("https://dinesh.com", cafile="test_cert.pem")
你可以在这里找到文档: urllib2.urlopen 。
You can find the documentation here: urllib2.urlopen.
更新
以上链接的片段:
可选的
cafile
和capath
参数为HTTPS请求指定一组
可信CA证书。cafile
应将
指向包含一组CA证书的单个文件,而
capath
应指向散列证书文件的目录。更多信息可以在
ssl中找到.SSLContext.load_verify_locations() 。
The optional
cafile
andcapath
parameters specify a set of trusted CA certificates for HTTPS requests.cafile
should point to a single file containing a bundle of CA certificates, whereascapath
should point to a directory of hashed certificate files. More information can be found in ssl.SSLContext.load_verify_locations().