运行python-socketio客户端和flask-socketio服务器时,我需要PyCharm(macOS Mojave上为2019.1.1)接受我的自签名SSL证书。
我试图通过Preferences/Tools/Server Certificates
将自签名证书添加到PyCharm。但是,它不能解决问题。当python-socketio客户端尝试连接到flask-socketio服务器时,它给了我错误。
在客户端,错误是这样抛出的:
Traceback (most recent call last):
File "message_manager.py", line 218, in run
namespaces=[self.channel])
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/socketio/client.py", line 262, in connect
engineio_path=socketio_path)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/engineio/client.py", line 170, in connect
url, headers, engineio_path)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/engineio/client.py", line 308, in _connect_polling
if self._connect_websocket(url, headers, engineio_path):
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/engineio/client.py", line 346, in _connect_websocket
cookie=cookies)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/websocket/_core.py", line 514, in create_connection
websock.connect(url, **options)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/websocket/_core.py", line 223, in connect
options.pop('socket', None))
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/websocket/_http.py", line 126, in connect
sock = _ssl_socket(sock, options.sslopt, hostname)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/websocket/_http.py", line 260, in _ssl_socket
sock = _wrap_sni_socket(sock, sslopt, hostname, check_hostname)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/websocket/_http.py", line 239, in _wrap_sni_socket
server_hostname=hostname,
File "/Users/hqiu/anaconda3/lib/python3.7/ssl.py", line 412, in wrap_socket
session=session
File "/Users/hqiu/anaconda3/lib/python3.7/ssl.py", line 853, in _create
self.do_handshake()
File "/Users/hqiu/anaconda3/lib/python3.7/ssl.py", line 1117, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)
这是服务器端的错误日志:
(82268) accepted ('127.0.0.1', 63087)
8d0d93e8376c44919237c647ceb899b3: Sending packet OPEN data {'sid': '8d0d93e8376c44919237c647ceb899b3', 'upgrades': ['websocket'], 'pingTimeout': 60000, 'pingInterval': 25000}
8d0d93e8376c44919237c647ceb899b3: Sending packet MESSAGE data 0
127.0.0.1 - - [16/Oct/2019 12:44:33] "GET /socket.io/?transport=polling&EIO=3&t=1571238873.310223 HTTP/1.1" 200 349 0.000423
(82268) accepted ('127.0.0.1', 63093)
Traceback (most recent call last):
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/hubs/kqueue.py", line 105, in wait
readers.get(fileno, hub.noop).cb(fileno)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/greenthread.py", line 221, in main
result = function(*args, **kwargs)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/wsgi.py", line 818, in process_request
proto.__init__(conn_state, self)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/wsgi.py", line 357, in __init__
self.handle()
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/wsgi.py", line 390, in handle
self.handle_one_request()
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/wsgi.py", line 419, in handle_one_request
self.raw_requestline = self._read_request_line()
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/wsgi.py", line 402, in _read_request_line
return self.rfile.readline(self.server.url_length_limit)
File "/Users/hqiu/anaconda3/lib/python3.7/socket.py", line 589, in readinto
return self._sock.recv_into(b)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/green/ssl.py", line 241, in recv_into
return self._base_recv(nbytes, flags, into=True, buffer_=buffer)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/green/ssl.py", line 256, in _base_recv
read = self.read(nbytes, buffer_)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/green/ssl.py", line 176, in read
super(GreenSSLSocket, self).read, *args, **kwargs)
File "/Users/hqiu/PycharmProjects/gps_simulator/src/venv/lib/python3.7/site-packages/eventlet/green/ssl.py", line 150, in _call_trampolining
return func(*a, **kw)
File "/Users/hqiu/anaconda3/lib/python3.7/ssl.py", line 911, in read
return self._sslobj.read(len, buffer)
ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:2488)
所以我的问题是,如何在macOS上将自签名证书添加到PyCharm并让Python找到它?
请给我一些想法。
最佳答案
我认为PyCharm无法将SSL证书设置传达给Python。 Socket.IO客户端目前不正式支持自签名证书,但已提出要求。有关客户端中与SSL证书有关的两个问题,请参见this和this。
也就是说,长轮询传输是通过请求包实现的,因此您可以设置REQUESTS_CA_BUNDLE
环境变量来告知请求有关您的证书的信息。但是显然,这不适用于WebSocket。
关于python - 如何在PyCharm中添加自签名证书?,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/58417165/