python - 调试斜纹异常错误

我一直没有找到使用twill的URL，我找不到进一步调试问题的方法。我已经在twill中为“http”、“equiv refresh”和“commands”启用了调试级别，但twill仍然没有给出任何有关错误的详细信息。以下是twill sh的输出：

    $ twill-sh

     -= Welcome to twill! =-

    current page:  *empty page*
    >> debug equiv-refresh 1
    DEBUG: setting equiv-refresh debugging to level 1
    current page:  *empty page*
    >> debug http 1
    DEBUG: setting http debugging to level 1
    current page:  *empty page*
    >> debug commands 1
    DEBUG: setting commands debugging to level 1
    current page:  *empty page*
    >> go https://auth.nbnco.net.au/okta/login

    ERROR: cannot go to 'https://auth.nbnco.net.au/okta/login'

    current page:  *empty page*

下面是python脚本的输出：

    $ ./test.py
    Traceback (most recent call last):
      File "./test.py", line 13, in <module>
        go("https://auth.nbnco.net.au/okta/login")
      File "/usr/lib/python2.7/site-packages/twill/commands.py", line 109, in go
        browser.go(url)
      File "/usr/lib/python2.7/site-packages/twill/browser.py", line 91, in go
        raise TwillException("cannot go to '%s'" % (url,))
    twill.errors.TwillException: cannot go to 'https://auth.nbnco.net.au/okta/login'

最佳答案

猜测：Twill不会加载页面，因为验证页面的SSL证书时出现问题。
尝试使用urllib2获取页面时失败，出现以下错误：

>>> urllib2.urlopen('https://auth.nbnco.net.au/okta/login')
Traceback (most recent call last):
...
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)>

使用curl获取页面会产生以下输出：

$  curl https://auth.nbnco.net.au/okta/login > /dev/null
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.

该页面在Firefox和Chromium中为我加载时没有错误，因此浏览器的证书处理对证书的处理方式有所不同。
站点SSL证书由Symantec颁发。这种行为可能与赛门铁克过去的证书颁发问题有关，这导致Chrome和Mozilla宣布他们将distrust SSL certificates from Symantec in 2018。
我认为在《暮光之城》里你没有什么可以解决这个问题的。