python - 如何使googlemaps python库检测SSL证书？

问题

使工作：

import googlemaps
    gmaps = googlemaps.Client(key='AIza...')
    # Geocoding an address
    geocode_result = gmaps.geocode('1600 Amphitheatre Parkway, Mountain View, CA')

到目前为止尝试过...

我修复了所有请求库相关问题：

>>> requests.__version__
'2.9.1'

我有通过pip安装的请求。

我也尝试通过尝试另一种情况来揭示问题：

import requests
import certifi

r = requests.get('https://graph.facebook.com/spotify', verify=certifi.where())
r = requests.get('https://graph.facebook.com/spotify')

所有作品都没有任何问题。

然后：

openssl s_client -connect graph.facebook.com:443 -CAfile $(python -m certifi)

可以正常工作。

但：

import googlemaps
gmaps = googlemaps.Client(key='AIza...')
# Geocoding an address
geocode_result = gmaps.geocode('1600 Amphitheatre Parkway, Mountain View, CA')

返回值：

Traceback (most recent call last):
  File "get_times.py", line 7, in <module>
    geocode_result = gmaps.geocode('1600 Amphitheatre Parkway, Mountain View, CA')
  File "/usr/local/lib/python2.7/dist-packages/googlemaps/geocoding.py", line 68, in geocode
    return client._get("/maps/api/geocode/json", params)["results"]
  File "/usr/local/lib/python2.7/dist-packages/googlemaps/client.py", line 205, in _get
    raise googlemaps.exceptions.TransportError(e)
googlemaps.exceptions.TransportError: bad handshake: Error([('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')],)

什么是双重怪异的-似乎是这样工作的（我剪掉了很长的十六进制代码）：

$ openssl s_client -connect maps.googleapis.com:443 -CAfile $(python -m certifi)
CONNECTED(00000003)
depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = *.googleapis.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.googleapis.com
   i:/C=US/O=Google Inc/CN=Google Internet Authority G2
 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.googleapis.com
issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
---
No client certificate CA names sent
---
SSL handshake has read 3820 bytes and written 431 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: ...
    Session-ID-ctx:
    Master-Key: ...
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - ...                                     ....

    Start Time: 1454060879
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

不知道这是否是一种有效的方法，但是当我尝试时：

import requests
import certifi

API_KEY = "AIza..."
url = ("https://maps.googleapis.com/maps/api/directions/json?"
       "origin=75+9th+Ave+New+York,+NY&"
       "destination=MetLife+Stadium+1+MetLife+Stadium+Dr+East+Rutherford,+NJ+07073&"
       "key=%s") % (API_KEY)
r = requests.get(url, verify=certifi.where())

结果是：

Traceback (most recent call last):
  File "get_times.py", line 10, in <module>
    r = requests.get(url, verify=certifi.where())
  File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 67, in get
    return request('get', url, params=params, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 53, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 468, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 576, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/adapters.py", line 447, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: bad handshake: Error([('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')],)

我不在任何服务器或主机上运行此程序...我只是想使其在我的PC上作为简单的CLI脚本运行...

最佳答案

感谢利亚姆·霍恩（Liam Horne）在这里的回答：https://stackoverflow.com/a/34665344/552621

  我找到了解决方案。的版本似乎存在一个主要问题
  正在运行的certifi。我从这个（很长）中发现了这个
  GitHub问题：https://github.com/certifi/python-certifi/issues/26

  TL; DR

  pip uninstall -y certifi && pip install certifi==2015.04.28