SSLError("bad handshake") when trying to access resources Custom Certificates and Requests

python pfx zeep
lopow picture lopow · Nov 9, 2017 · Viewed 56.1k times · Source

I want to program webservices to exchange data in Python using Zeep. I can access services only with my certificate. I have a PFX certificate, but I converted it to two .pem files.

My code:

from zeep import Client
from zeep.wsse.signature import Signature 
import requests
from requests import Session
key_filename ='/.files/cert.key.pem'
cert_filename = './files/cert.crt.pem'
session = Session()  
r = requests.get('https:...../PingWs?wsdl',
             cert=(cert_filename, key_filename)) 
print (r)

But I get

> raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='evidim-test.gov.si', port=443):
Max retries exceeded with url: /ws/test/PingWs?wsdl
(Caused by SSLError(SSLError("bad handshake: Error([('SSL routines',
'tls_process_server_certificate', 'certificate verify failed')],)",),))

Answer

sshussain270 picture sshussain270 · Dec 2, 2017

Its an issue you will have to resolve by whitelisting the CA certificate used to sign the remote server certificate you are trying to connect to from your system settings. But for the purposes of testing out only, you can turn off the verification using:

r = requests.get('https:...../PingWs?wsdl',verify=False)

Don't use this in production.

Hope it helps!

Related questions

How do I list all files of a directory?

How can I list all files of a directory in Python and add them to a list?

Read More
Iterating over dictionaries using 'for' loops

I am a bit puzzled by the following code: d = {'x': 1, 'y': 2, 'z': 3} for key in d: print key, 'corresponds to', d[key] What I don't understand is the key portion. How does Python recognize that it needs only to …

Read More
Does Python have a string 'contains' substring method?

I'm looking for a string.contains or string.indexof method in Python. I want to do: if not somestring.contains("blah"): continue

Read More