使用请求包时,SSL InsecurePlatform错误。

时间:2022-12-07 12:48:54

Im using Python 2.7.3 and Requests. I installed Requests via pip. I believe it's the latest version. I'm running on Debian Wheezy.

我使用的是Python 2.7.3和请求。我通过pip安装了请求。我相信这是最新的版本。我跑在Debian气喘。

I've used Requests lots of times in the past and never faced this issue, but it seems that when making https requests with Requests I get an InsecurePlatform exception.

在过去,我多次使用过请求,从来没有遇到过这个问题,但是当我请求使用https请求时,我得到了一个InsecurePlatform异常。

The error mentions urllib3, but I don't have that installed. I did install it to check if it resolved the error, but it didn't.

错误提到了urllib3,但我没有安装。我确实安装了它来检查它是否解决了错误,但它没有。

/usr/local/lib/python2.7/dist-packages/requests/packages/urllib3
/util/ssl_.py:79: InsecurePlatformWarning: A true SSLContext object is not
available. This prevents urllib3 from configuring SSL appropriately and 
may cause certain SSL connections to fail. For more information, see 
https://urllib3.readthedocs.org/en/latest  
/security.html#insecureplatformwarning.

Any ideas as to why I'm getting this? I've checked the docs, as specified in the error message, but the docs are saying to import urllib3 and either disable the warning, or provide a certificate.

关于我为什么得到这个?我已经检查了错误消息中指定的文档,但是文档说要导入urllib3,或者禁用警告,或者提供一个证书。

14 个解决方案

#1


369  

Use the somewhat hidden security feature:

使用隐藏的安全特性:

pip install 'requests[security]' or pip install pyOpenSSL ndg-httpsclient pyasn1

pip安装“请求[安全性]”或pip安装pyOpenSSL ndg-httpsclient pyasn1。

Both commands install following extra packages:

两个命令都安装了额外的包:

  • pyOpenSSL
  • pyOpenSSL
  • cryptography
  • 密码学
  • idna
  • idna

Please note that this is not required for python-2.7.9+.

请注意,这不是python-2.7.9+的要求。

If pip install fails with errors, check whether you have required development packages for libffi, libssl and python installed in your system using distribution's package manager:

如果pip安装失败了,请检查您是否需要在系统中使用分发包管理器安装libffi、libssl和python的开发包:

  • Debian/Ubuntu - python-dev libffi-dev libssl-dev packages.

    Debian/Ubuntu - python-dev -dev libssl-dev包。

  • Fedora - openssl-devel python-devel libffi-devel packages.

    Fedora - opensslr -devel -devel libffi-devel包。

Distro list above is incomplete.

上面的发行版是不完整的。

Workaround (see the original answer by @TomDotTom):

解决方案(见原始答案@TomDotTom):

In case you cannot install some of the required development packages, there's also an option to disable that warning:

如果您不能安装一些必需的开发包,还可以选择禁用该警告:

import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()

#2


67  

Requests 2.6 introduced this warning for users of python prior to 2.7.9 with only stock SSL modules available.

请求2.6在2.7.9之前对python用户提出了这一警告,只有股票SSL模块可用。

Assuming you can't upgrade to a newer version of python, this will install more up-to-date python SSL libraries:

假设您不能升级到新版本的python,这将安装更多最新的python SSL库:

pip install --upgrade ndg-httpsclient 

HOWEVER, this may fail on some systems without the build-dependencies for pyOpenSSL. On debian systems, running this before the pip command above should be enough for pyOpenSSL to build:

但是,如果没有pyOpenSSL的构建依赖,这可能会在某些系统上失败。在debian系统上,在pip命令之前运行此命令就足以让pyOpenSSL构建:

apt-get install python-dev libffi-dev libssl-dev

#3


16  

I don't use this in production, just some test runners. And to reiterate the urllib3 documentation

我在生产中不使用这个,只是一些测试者。并重申urllib3文档。

If you know what you are doing and would like to disable this and other warnings

如果您知道您正在做什么,并且希望禁用这个和其他警告。

import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()

Edit / Update:

编辑/更新:

The following should also work:

下面的工作也应该是:

import logging
import requests

# turn down requests log verbosity
logging.getLogger('requests').setLevel(logging.CRITICAL)

#4


8  

If you are not able to upgrade your Python version to 2.7.9, and want to suppress warnings,

如果您不能将您的Python版本升级到2.7.9,并且想要抑制警告,

you can downgrade your 'requests' version to 2.5.3:

您可以将“请求”版本降级为2.5.3:

sudo pip install requests==2.5.3

About version: http://fossies.org/diffs/requests/2.5.3_vs_2.6.0/requests/packages/urllib3/util/ssl_.py-diff.html

关于版本:http://fossies.org/diffs/requests/2.5.3_vs_2.6.0/requests/packages/urllib3/util/ssl_.py-diff.html

#5


7  

In fact, you can try this.

事实上,你可以试试这个。

requests.post("https://www.google.com", verify=False)

requests.post(“https://www.google.com”,验证= False)

you can read the code for requests.

您可以阅读请求的代码。

"C:\Python27\Lib\site-packages\requests\sessions.py"

“C:\ Python27 \ Lib \网站\ \ sessions.py请求”

class Session(SessionRedirectMixin):
......
 def request(self, method, url,
    params=None,
    data=None,
    headers=None,
    cookies=None,
    files=None,
    auth=None,
    timeout=None,
    allow_redirects=True,
    proxies=None,
    hooks=None,
    stream=None,
    verify=None,  # <========
    cert=None):
    """
    ...
    :param verify: (optional) if True, the SSL cert will be verified.
         A CA_BUNDLE path can also be provided.
    ...
    """

#6


5  

All of the solutions given here haven't helped (I'm constrained to python 2.6.6). I've found the answer in a simple switch to pass to pip:

这里给出的所有解决方案都没有帮助(我被限制在python 2.6.6中)。我在一个简单的切换到pip的过程中找到了答案:

$ sudo pip install --trusted-host pypi.python.org <module_name>

This tells pip that it's OK to grab the module from pypi.python.org.

这告诉pip从pypi.python.org获取模块是可以的。

For me, the issue is my company's proxy behind it's firewall that makes it look like a malicious client to some servers. Hooray security.

对我来说,问题是我的公司的代理服务器,它的防火墙使它看起来像一个恶意的客户端到一些服务器。万岁安全。

#7


2  

This answer is unrelated, but if you wanted to get rid of warning and get following warning from requests:

这个答案是不相关的,但如果你想摆脱警告,并从请求中得到警告:

InsecurePlatformWarning /usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:79: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.

InsecurePlatformWarning /usr/local/lib/python2.7/dist-packages /请求/包/ urllib3 / util / ssl_。py:79: InsecurePlatformWarning:一个真正的SSLContext对象是不可用的。这将阻止urllib3适当配置SSL,并可能导致某些SSL连接失败。有关更多信息,请参见https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning。

You can disable it by adding the following line to your python code:

您可以通过在python代码中添加以下代码来禁用它:

requests.packages.urllib3.disable_warnings()

requests.packages.urllib3.disable_warnings()

#8


1  

I had to go to bash (from ZSH) first. Then

我必须先去bash(从ZSH)。然后

sudo -H pip install 'requests[security]' --upgrade

fixed the problem.

固定的问题。

#9


0  

For me no work i need upgrade pip....

我没有工作我需要升级pip ....

Debian/Ubuntu

Debian / Ubuntu

install dependencies

安装依赖关系

sudo apt-get install libpython-dev libssl-dev libffi-dev

upgrade pip and install packages

升级pip并安装包。

sudo pip install -U pip
sudo pip install -U pyopenssl ndg-httpsclient pyasn1

If you want remove dependencies

如果您想要删除依赖项。

sudo apt-get remove --purge libpython-dev libssl-dev libffi-dev
sudo apt-get autoremove

#10


0  

I just had a similar issue on a CentOS 5 server where I installed python 2.7.12 in /usr/local on top of a much older version of python2.7. Upgrading to CentOS 6 or 7 isn't an option on this server right now.

我刚刚在CentOS 5服务器上遇到了类似的问题,我在/usr/local上安装了python 2.7.12,这是python的老版本。升级到CentOS 6或7不是现在这个服务器上的一个选项。

Some of the python 2.7 modules were still existing from the older version of python, but pip was failing to upgrade because the newer cryptography package is not supported by the CentOS 5 packages.

python 2.7模块中的一些仍然存在于老版本的python中,但是pip未能升级,因为新的加密软件包不受CentOS 5包的支持。

Specifically, 'pip install requests[security]' was failing because the openssl version on the CentOS 5 was 0.9.8e which is no longer supported by cryptography > 1.4.0.

具体地说,“pip安装请求[安全性]”失败了,因为CentOS 5上的openssl版本是0.9.8e,它不再被加密> 1.4.0支持。

To solve the OPs original issue I did:

为了解决OPs的原始问题,我做了:

1) pip install 'cryptography<1.3.5,>1.3.0'.  

This installed cryptography 1.3.4 which works with openssl-0.9.8e. cryptograpy 1.3.4 is also sufficient to satisfy the requirement for the following command.

这是安装在openssl-0.9.8e上的密码学1.3.4。密码1.3.4也足以满足以下命令的要求。

2) pip install 'requests[security]'

This command now installs because it doesn't try to install cryptography > 1.4.0.

该命令现在安装,因为它不尝试安装加密> 1.4.0。

Note that on Centos 5 I also needed to:

请注意,在Centos 5我也需要:

yum install openssl-devel

To allow cryptography to build

允许加密构建。

#11


0  

Below is how it's working for me on Python 3.6:

下面是在Python 3.6中为我工作的方式:

import requests
import urllib3

# Suppress InsecureRequestWarning: Unverified HTTPS
urllib3.disable_warnings()

#12


0  

Dont install pyOpenSSL as it shall soon be deprecated. Current best approach is-

不要安装pyOpenSSL,因为它将很快被弃用。目前最好的方法是-

import requests
requests.packages.urllib3.disable_warnings()

#13


0  

This came up for me on Ubuntu 14.04 (with Python 2.7.6) last week after i did a apt-get dist-upgrade that included libssl1.1:amd64 from deb.sury.org.

上周,我在ubuntu14.04 (Python 2.7.6)上做了一个简单的升级,其中包括libssl1.1:amd64来自deb.sury.org。

Since I run certbot-auto renew from a cron job, I also use the --no-self-upgrade to cut down on unscheduled maintenance. This seems to have been the source of the trouble.

由于我从cron作业中运行certbot-auto更新,所以我也使用-不自升级来减少不定期的维护。这似乎是问题的根源。

To fix the error, all I needed to do was become root (with su's --login switch) and let certbot-auto upgrade itself. I.e:

为了修复错误,我所需要做的就是成为root用户(使用su的登录开关),并让certbot自动升级。即:

sudo su --login
/usr/local/bin/certbot-auto renew 
# ... Upgrading certbot-auto 0.8.1 to 0.18.2... blah blah blah ...

instead of what normally runs from root's crontab:

而不是通常从根的crontab中运行的东西:

5 7 * * * /usr/local/bin/certbot-auto renew --quiet --no-self-upgrade

After that, letsencrypt renwals ran normally once again.

在那之后,letsencrypt renwals再次正常运行。

#14


0  

if you just want to stopping insecure warning like:

如果你只是想停止不安全的警告,比如:

/usr/lib/python3/dist-packages/urllib3/connectionpool.py:794: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html InsecureRequestWarning)

/usr/lib/python3/dist-packages / urllib3 / connectionpool。794:昆虫警告:未经验证的HTTPS请求正在进行。强烈建议添加证书验证。见:https://urllib3.readthedocs.org/en/latest/security.html InsecureRequestWarning)

do:

做的事:

requests.METHOD("https://www.google.com", verify=False)

verify=False

验证= False

is the key, followings are not good at it:

是关键,以下是不擅长的:

requests.packages.urllib3.disable_warnings()

requests.packages.urllib3.disable_warnings()

or

urllib3.disable_warnings()

urllib3.disable_warnings()

but, you HAVE TO know, that might cause potential security risks.

但是,你必须知道,这可能会导致潜在的安全风险。

#1


369  

Use the somewhat hidden security feature:

使用隐藏的安全特性:

pip install 'requests[security]' or pip install pyOpenSSL ndg-httpsclient pyasn1

pip安装“请求[安全性]”或pip安装pyOpenSSL ndg-httpsclient pyasn1。

Both commands install following extra packages:

两个命令都安装了额外的包:

  • pyOpenSSL
  • pyOpenSSL
  • cryptography
  • 密码学
  • idna
  • idna

Please note that this is not required for python-2.7.9+.

请注意,这不是python-2.7.9+的要求。

If pip install fails with errors, check whether you have required development packages for libffi, libssl and python installed in your system using distribution's package manager:

如果pip安装失败了,请检查您是否需要在系统中使用分发包管理器安装libffi、libssl和python的开发包:

  • Debian/Ubuntu - python-dev libffi-dev libssl-dev packages.

    Debian/Ubuntu - python-dev -dev libssl-dev包。

  • Fedora - openssl-devel python-devel libffi-devel packages.

    Fedora - opensslr -devel -devel libffi-devel包。

Distro list above is incomplete.

上面的发行版是不完整的。

Workaround (see the original answer by @TomDotTom):

解决方案(见原始答案@TomDotTom):

In case you cannot install some of the required development packages, there's also an option to disable that warning:

如果您不能安装一些必需的开发包,还可以选择禁用该警告:

import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()

#2


67  

Requests 2.6 introduced this warning for users of python prior to 2.7.9 with only stock SSL modules available.

请求2.6在2.7.9之前对python用户提出了这一警告,只有股票SSL模块可用。

Assuming you can't upgrade to a newer version of python, this will install more up-to-date python SSL libraries:

假设您不能升级到新版本的python,这将安装更多最新的python SSL库:

pip install --upgrade ndg-httpsclient 

HOWEVER, this may fail on some systems without the build-dependencies for pyOpenSSL. On debian systems, running this before the pip command above should be enough for pyOpenSSL to build:

但是,如果没有pyOpenSSL的构建依赖,这可能会在某些系统上失败。在debian系统上,在pip命令之前运行此命令就足以让pyOpenSSL构建:

apt-get install python-dev libffi-dev libssl-dev

#3


16  

I don't use this in production, just some test runners. And to reiterate the urllib3 documentation

我在生产中不使用这个,只是一些测试者。并重申urllib3文档。

If you know what you are doing and would like to disable this and other warnings

如果您知道您正在做什么,并且希望禁用这个和其他警告。

import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()

Edit / Update:

编辑/更新:

The following should also work:

下面的工作也应该是:

import logging
import requests

# turn down requests log verbosity
logging.getLogger('requests').setLevel(logging.CRITICAL)

#4


8  

If you are not able to upgrade your Python version to 2.7.9, and want to suppress warnings,

如果您不能将您的Python版本升级到2.7.9,并且想要抑制警告,

you can downgrade your 'requests' version to 2.5.3:

您可以将“请求”版本降级为2.5.3:

sudo pip install requests==2.5.3

About version: http://fossies.org/diffs/requests/2.5.3_vs_2.6.0/requests/packages/urllib3/util/ssl_.py-diff.html

关于版本:http://fossies.org/diffs/requests/2.5.3_vs_2.6.0/requests/packages/urllib3/util/ssl_.py-diff.html

#5


7  

In fact, you can try this.

事实上,你可以试试这个。

requests.post("https://www.google.com", verify=False)

requests.post(“https://www.google.com”,验证= False)

you can read the code for requests.

您可以阅读请求的代码。

"C:\Python27\Lib\site-packages\requests\sessions.py"

“C:\ Python27 \ Lib \网站\ \ sessions.py请求”

class Session(SessionRedirectMixin):
......
 def request(self, method, url,
    params=None,
    data=None,
    headers=None,
    cookies=None,
    files=None,
    auth=None,
    timeout=None,
    allow_redirects=True,
    proxies=None,
    hooks=None,
    stream=None,
    verify=None,  # <========
    cert=None):
    """
    ...
    :param verify: (optional) if True, the SSL cert will be verified.
         A CA_BUNDLE path can also be provided.
    ...
    """

#6


5  

All of the solutions given here haven't helped (I'm constrained to python 2.6.6). I've found the answer in a simple switch to pass to pip:

这里给出的所有解决方案都没有帮助(我被限制在python 2.6.6中)。我在一个简单的切换到pip的过程中找到了答案:

$ sudo pip install --trusted-host pypi.python.org <module_name>

This tells pip that it's OK to grab the module from pypi.python.org.

这告诉pip从pypi.python.org获取模块是可以的。

For me, the issue is my company's proxy behind it's firewall that makes it look like a malicious client to some servers. Hooray security.

对我来说,问题是我的公司的代理服务器,它的防火墙使它看起来像一个恶意的客户端到一些服务器。万岁安全。

#7


2  

This answer is unrelated, but if you wanted to get rid of warning and get following warning from requests:

这个答案是不相关的,但如果你想摆脱警告,并从请求中得到警告:

InsecurePlatformWarning /usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:79: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.

InsecurePlatformWarning /usr/local/lib/python2.7/dist-packages /请求/包/ urllib3 / util / ssl_。py:79: InsecurePlatformWarning:一个真正的SSLContext对象是不可用的。这将阻止urllib3适当配置SSL,并可能导致某些SSL连接失败。有关更多信息,请参见https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning。

You can disable it by adding the following line to your python code:

您可以通过在python代码中添加以下代码来禁用它:

requests.packages.urllib3.disable_warnings()

requests.packages.urllib3.disable_warnings()

#8


1  

I had to go to bash (from ZSH) first. Then

我必须先去bash(从ZSH)。然后

sudo -H pip install 'requests[security]' --upgrade

fixed the problem.

固定的问题。

#9


0  

For me no work i need upgrade pip....

我没有工作我需要升级pip ....

Debian/Ubuntu

Debian / Ubuntu

install dependencies

安装依赖关系

sudo apt-get install libpython-dev libssl-dev libffi-dev

upgrade pip and install packages

升级pip并安装包。

sudo pip install -U pip
sudo pip install -U pyopenssl ndg-httpsclient pyasn1

If you want remove dependencies

如果您想要删除依赖项。

sudo apt-get remove --purge libpython-dev libssl-dev libffi-dev
sudo apt-get autoremove

#10


0  

I just had a similar issue on a CentOS 5 server where I installed python 2.7.12 in /usr/local on top of a much older version of python2.7. Upgrading to CentOS 6 or 7 isn't an option on this server right now.

我刚刚在CentOS 5服务器上遇到了类似的问题,我在/usr/local上安装了python 2.7.12,这是python的老版本。升级到CentOS 6或7不是现在这个服务器上的一个选项。

Some of the python 2.7 modules were still existing from the older version of python, but pip was failing to upgrade because the newer cryptography package is not supported by the CentOS 5 packages.

python 2.7模块中的一些仍然存在于老版本的python中,但是pip未能升级,因为新的加密软件包不受CentOS 5包的支持。

Specifically, 'pip install requests[security]' was failing because the openssl version on the CentOS 5 was 0.9.8e which is no longer supported by cryptography > 1.4.0.

具体地说,“pip安装请求[安全性]”失败了,因为CentOS 5上的openssl版本是0.9.8e,它不再被加密> 1.4.0支持。

To solve the OPs original issue I did:

为了解决OPs的原始问题,我做了:

1) pip install 'cryptography<1.3.5,>1.3.0'.  

This installed cryptography 1.3.4 which works with openssl-0.9.8e. cryptograpy 1.3.4 is also sufficient to satisfy the requirement for the following command.

这是安装在openssl-0.9.8e上的密码学1.3.4。密码1.3.4也足以满足以下命令的要求。

2) pip install 'requests[security]'

This command now installs because it doesn't try to install cryptography > 1.4.0.

该命令现在安装,因为它不尝试安装加密> 1.4.0。

Note that on Centos 5 I also needed to:

请注意,在Centos 5我也需要:

yum install openssl-devel

To allow cryptography to build

允许加密构建。

#11


0  

Below is how it's working for me on Python 3.6:

下面是在Python 3.6中为我工作的方式:

import requests
import urllib3

# Suppress InsecureRequestWarning: Unverified HTTPS
urllib3.disable_warnings()

#12


0  

Dont install pyOpenSSL as it shall soon be deprecated. Current best approach is-

不要安装pyOpenSSL,因为它将很快被弃用。目前最好的方法是-

import requests
requests.packages.urllib3.disable_warnings()

#13


0  

This came up for me on Ubuntu 14.04 (with Python 2.7.6) last week after i did a apt-get dist-upgrade that included libssl1.1:amd64 from deb.sury.org.

上周,我在ubuntu14.04 (Python 2.7.6)上做了一个简单的升级,其中包括libssl1.1:amd64来自deb.sury.org。

Since I run certbot-auto renew from a cron job, I also use the --no-self-upgrade to cut down on unscheduled maintenance. This seems to have been the source of the trouble.

由于我从cron作业中运行certbot-auto更新,所以我也使用-不自升级来减少不定期的维护。这似乎是问题的根源。

To fix the error, all I needed to do was become root (with su's --login switch) and let certbot-auto upgrade itself. I.e:

为了修复错误,我所需要做的就是成为root用户(使用su的登录开关),并让certbot自动升级。即:

sudo su --login
/usr/local/bin/certbot-auto renew 
# ... Upgrading certbot-auto 0.8.1 to 0.18.2... blah blah blah ...

instead of what normally runs from root's crontab:

而不是通常从根的crontab中运行的东西:

5 7 * * * /usr/local/bin/certbot-auto renew --quiet --no-self-upgrade

After that, letsencrypt renwals ran normally once again.

在那之后,letsencrypt renwals再次正常运行。

#14


0  

if you just want to stopping insecure warning like:

如果你只是想停止不安全的警告,比如:

/usr/lib/python3/dist-packages/urllib3/connectionpool.py:794: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html InsecureRequestWarning)

/usr/lib/python3/dist-packages / urllib3 / connectionpool。794:昆虫警告:未经验证的HTTPS请求正在进行。强烈建议添加证书验证。见:https://urllib3.readthedocs.org/en/latest/security.html InsecureRequestWarning)

do:

做的事:

requests.METHOD("https://www.google.com", verify=False)

verify=False

验证= False

is the key, followings are not good at it:

是关键,以下是不擅长的:

requests.packages.urllib3.disable_warnings()

requests.packages.urllib3.disable_warnings()

or

urllib3.disable_warnings()

urllib3.disable_warnings()

but, you HAVE TO know, that might cause potential security risks.

但是,你必须知道,这可能会导致潜在的安全风险。