AppEngine local dev上的Braintree SDK SSLCertificateError

2024-06-09 08:51:41 发布

您现在位置:Python中文网/ 问答频道 /正文
5284 3

在我的本地dev_appserver.py下使用Braintree SDKbraintree.ClientToken.generate()上返回以下错误:

SSLError: SSLCertificateError:
Invalid and/or missing SSL certificate for URL:  
https://api.sandbox.braintreegateway.com:443/merchants/<merchant_id>/client_token

我在服务器开始时使用requests_toolbelt

^{pr2}$

显式排除SSL验证也不起作用(返回相同的错误消息):

appengine.monkeypatch(validate_certificate=False)

事实上,如果没有requests_toolbelt,我在调用.generate()时得到的错误是:

ProtocolError('Connection aborted.', error(13, 'Permission denied'))

我也尝试过在braintree-python-appengine项目的main.py中进行黑客攻击,但是我得到了相同的SSL错误消息。在

我的开发环境:

  • MacOSX 10.11.6版
  • gcloud应用程序Python扩展1.9.63
  • Python 2.7.10
  • 请求==2.18.4
  • 脑树==3.39.0
  • 烧瓶==0.12.2

注:

  1. 一旦部署到googleappengine,我就可以毫无问题地取回客户端令牌
  2. https://www.braintreepayments.com/上直接使用requests返回200,没有任何错误

Tags: pyhttpsdevcom消息ssl错误certificate
1条回答
网友
1楼 · 发布于 2024-06-09 08:51:41

Braintree支持部门回复了我的询问(2017-11-20):

The error you're receiving is generally related to the SSL/TLS protocols being used when your app is run; our sandbox environment requires connections to be made via TLS 1.2, a requirement that does not yet apply to production.

From review, it appears that the protocols being used when the app is deployed locally are not valid for our environment. If the app settings are localised within the Google App Engine, that may be the cause of the issue; Python uses the system-supplied OpenSSL, and TLSv1.2 requires OpenSSL 1.0.1c or later.

所以根本原因是我的Python版本使用了旧版本的OpenSSL:

$ python  version
Python 2.7.10

$ python
>> import ssl
>> ssl.OPENSSL_VERSION
>> 'OpenSSL 0.9.8zh 14 Jan 2016'

解决方案是通过brew升级我的python版本:

^{pr2}$

然后,使用新安装的python启动我的dev server解决了SSLCertificateError

python2 $appserver_path/dev_appserver.py ...

相关问题 更多 >

    编程相关推荐