“SSLError:[SSL] PEM lib (_ssl.c:2532)"是什么意思?意思是使用 Python ssl 库?
问题描述
我正在尝试使用 Python 3 asyncio 模块连接到另一方并收到此错误:
I am trying to use connect to another party using Python 3 asyncio module and get this error:
36 sslcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
---> 37 sslcontext.load_cert_chain(cert, keyfile=ca_cert)
38
SSLError: [SSL] PEM lib (_ssl.c:2532)
问题是错误的含义.我的证书是正确的,密钥文件(CA 证书)可能不正确.
The question is just what the error mean. My certificate is correct, the keyfile (CA certificate) might not.
解决方案
假设使用的是3.6版本:
Assuming that version 3.6 is being used:
参见:https://github.com/python/cpython/blob/3.6/Modules/_ssl.c#L3523-L3534
PySSL_BEGIN_ALLOW_THREADS_S(pw_info.thread_state);
r = SSL_CTX_check_private_key(self->ctx);
PySSL_END_ALLOW_THREADS_S(pw_info.thread_state);
if (r != 1) {
_setSSLError(NULL, 0, __FILE__, __LINE__);
goto error;
}
它的意思是 SSL_CTX_check_private_key
失败;因此,私钥不正确.
What it is saying is that SSL_CTX_check_private_key
failed; thus, the private key is not correct.
参考可能的版本:
- https://github.com/python/cpython/blob/3.4/Modules/_ssl.c#L2529-L2535
相关文章