问题描述
我正在使用Windows 10操作系统.
I'm using Windows 10 OS.
我想计算AWS的IP地址数.
I want to count the number of IP Address of AWS.
我使用python 2.7.14
和boto 2.6.0
我添加一个名为boto.config
的文件,找到C:\ Users \ Administrator文件夹
I add a file which name is boto.config
locate C:\Users\Administrator folder
boto.config的内容是:
The content of the boto.config is:
[Credentials]
aws_access_key_id=******
aws_secret_access_key=*****
脚本是:
#!/usr/bin/env python
# -*- encoding: utf8 -*-
import boto.ec2
from pprint import pprint
import ssh
import requests
import urllib3
import certifi
import ssl
conn = boto.ec2.connect_to_region('cn-north-1')
reservations = conn.get_all_instances()
InstanceMap=[]
for reservation in reservations:
for instance in reservation.instances:
if 'env' in instance.tags and instance.tags['env'] == 'test':
InstanceMap.append(instance.ip_address)
f = open('F:\ip.txt','w')
pprint(InstanceMap, f)
当我运行此脚本时,它显示出错误的形成:
When I run this script, it show the error formation:
我可以用什么方法解决这个问题?
What's the method can I solve this problem ?
推荐答案
我在Windows 10
机器上的boto3
和Python 3.7
遇到相同的问题.事实证明,由于我使用的是安装了Proxy的公司设备,因此* .amazonaws.com证书已被Proxy证书取代.此代理证书链需要Python certifi
模块信任.不管您是否有代理,下面的方法都可以解决SSL: CERTIFICATE_VERIFY_FAILED
错误.
I was having same issue with boto3
and Python 3.7
on Windows 10
machine. As it turned out, since I was using corporate device with Proxy installed, *.amazonaws.com certificate was getting replaced by the Proxy certificate. This Proxy certificate chain needed to be trusted by Python certifi
module. Whether or not, you have a proxy, below method should resolve SSL: CERTIFICATE_VERIFY_FAILED
error.
这是我为解决此问题所做的工作-
Here is what I did, to resolve the issue -
- 找到cacert.pem所在的路径-
import certifi
certifi.where()
C:\\Users\\[UserID]\\AppData\\Local\\Programs\\Python\\Python37-32\\lib\\site-packages\\certifi\\cacert.pem
-
将
AWS_CA_BUNDLE
环境变量设置为cacert.pem
路径-
Set
AWS_CA_BUNDLE
environment variable to thecacert.pem
path -
AWS_CA_BUNDLE=C:\Users\[UserID]\AppData\Local\Programs\Python\Python37-32\Lib\site-packages\certifi\cacert.pem
从amazonaws.com URL下载证书链.例如:在浏览器上转到 https://sts.amazonaws.com/xyz 并导出Root ,所有中间证书,域cert并另存为base64编码的.cer文件.在记事本中打开证书,复制所有内容.
Download the chain of certificates from amazonaws.com URL. For example: Go to https://sts.amazonaws.com/xyz on a browser and export Root, all the intermediate certificates, domain cert and save as base64 encoded .cer file. Open the certificates in notepad, copy all the contents.
现在在记事本中打开cacert.pem,然后在最后添加每个下载的证书内容(---Begin Certificate--- *** ---End Certificate---
).
Now open the cacert.pem in a notepad and just add every downloaded certificate contents (---Begin Certificate--- *** ---End Certificate---
) at the end.
重新启动命令行提示符或PowerShell,应解决SSL验证错误.
Restart the command line prompt or PowerShell, SSL verification error should be resolved.
这篇关于当我使用python boto连接到AWS ec2时,它显示SSLError:[SSL:CERTIFICATE_VERIFY_FAILED]证书验证失败(_ssl.c:661)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!