请求Microsoft graph api时发生SSL错误

2024-04-24 09:30:02 发布

您现在位置:Python中文网/ 问答频道 /正文
7465 3

我正在尝试将Microsoft Graph API集成到airflow应用程序docker compose中。我有一个用于我的域的自签名SSL证书

下面是DAG(pythonOperator)的示例:[我正在使用msalpypi包]

app_meta = MicrosoftGraphAPI.get()
app = msal.ConfidentialClientApplication(
   app_meta['client_id'],
   authority=app_meta['authority'],
   client_credential=app_meta['client_credential'],
   token_cache=None,
)

错误:

    WARNING - Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])"))': /d8c857c0-b2da-48fd-9b28-db5792c0d481/v2.0/.well-known/openid-configuration
[2021-06-23 10:19:02,870] {taskinstance.py:1396} ERROR - HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /d8c857c0-b2da-48fd-9b28-db5792c0d481/v2.0/.well-known/openid-configuration (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))
Traceback (most recent call last):
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 488, in wrap_socket
    cnx.do_handshake()
  File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1934, in do_handshake
    self._raise_ssl_error(self._ssl, result)
  File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1671, in _raise_ssl_error
    _raise_current_error()
  File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 670, in urlopen
    httplib_response = self._make_request(
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 381, in _make_request
    self._validate_conn(conn)
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 978, in _validate_conn
    conn.connect()
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connection.py", line 362, in connect
    self.sock = ssl_wrap_socket(
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/util/ssl_.py", line 386, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 494, in wrap_socket
    raise ssl.SSLError("bad handshake: %r" % e)

更新:我不想忽略证书验证。如何修复它


Tags: inpyappsslhomelibpackageslocal
1条回答
网友
1楼 · 发布于 2024-04-24 09:30:02

早期的中间CA证书是可选的,但现在必须在证书链中提供所有根证书和中间证书。我在连接nuget站点下载软件包时也遇到了这个问题,所以我安装了“BaltimoreCyberTrustRoot”、“Microsoft Azure TLS发布CA 01”和“DigiCertGlobalRootG2”。这对我有用

相关问题 更多 >

    编程相关推荐