Android Raspberry 请求 api 失败 iOS 请求成功【ssl 证书配置问题】
好几个月之前,我用 node.js 部署了一个 api,然后用树莓派 python 调用竟然失败了,没找到原因,就搁置了
最近写 React Native 项目
同一个 api https://hongweizhu.com:3000/x_mood
Android 模拟器和真机请求失败
iOS 及模拟器请求成功
Postman 请求成功
Raspberry 请求失败(但是跳过 SSL 证书验证可以请求成功,用的阿里云申请的免费证书)
import requestsurl = 'https://hongweizhu.com:3000/x_mood'# 根据实际情况构造请求体,这里是一个示例
payload = {'title': '今日心情','mood': '开心','content': '今天阳光明媚,心情很好。',
}# 如果需要身份验证或 token,可以在 headers 中添加
headers = {'Content-Type': 'application/json',# 'Authorization': 'Bearer YOUR_TOKEN_HERE', # 如有需要
}# 添加 verify=False 来跳过 SSL 证书验证
response = requests.post(url, json=payload, headers=headers, verify=False)# 打印响应内容
print(f'Status code: {response.status_code}')
try:print('Response:', response.json())
except Exception as e:print('Response text:', response.text)print('Error parsing JSON:', e)pi@raspberrypi:~/test $ sudo python3 test_api.py
Traceback (most recent call last):File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 705, in urlopenhttplib_response = self._make_request(^^^^^^^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 388, in _make_requestself._validate_conn(conn)File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 1050, in _validate_connconn.connect()File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 414, in connectself.sock = ssl_wrap_socket(^^^^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 449, in ssl_wrap_socketssl_sock = _ssl_wrap_socket_impl(^^^^^^^^^^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 493, in _ssl_wrap_socket_implreturn ssl_context.wrap_socket(sock, server_hostname=server_hostname)^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^File "/usr/lib/python3.11/ssl.py", line 517, in wrap_socketreturn self.sslsocket_class._create(^^^^^^^^^^^^^^^^^^^^^^^^^^^^^File "/usr/lib/python3.11/ssl.py", line 1108, in _createself.do_handshake()File "/usr/lib/python3.11/ssl.py", line 1379, in do_handshakeself._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:992)During handling of the above exception, another exception occurred:Traceback (most recent call last):File "/usr/lib/python3/dist-packages/requests/adapters.py", line 489, in sendresp = conn.urlopen(^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 789, in urlopenretries = retries.increment(^^^^^^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 594, in incrementraise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='hongweizhu.com', port=3000): Max retries exceeded with url: /x_mooood_note (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:992)')))During handling of the above exception, another exception occurred:Traceback (most recent call last):File "/home/pi/test/test_api.py", line 19, in <module>response = requests.post(url, json=payload, headers=headers, verify=True)^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/requests/api.py", line 115, in postreturn request("post", url, data=data, json=json, **kwargs)^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/requests/api.py", line 59, in requestreturn session.request(method=method, url=url, **kwargs)^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/requests/sessions.py", line 587, in requestresp = self.send(prep, **send_kwargs)^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/requests/sessions.py", line 701, in sendr = adapter.send(request, **kwargs)^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^File "/usr/lib/python3/dist-packages/requests/adapters.py", line 563, in sendraise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='hongweizhu.com', port=3000): Max retries exceeded with url: /x_mooood_note (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:992)')))
pi@raspberrypi:~/test $
然后把 apche 配置 ssl 的部分发给 AI
# SSL Engine Switch:# Enable/Disable SSL for this virtual host.SSLEngine on# A self-signed (snakeoil) certificate can be created by installing# the ssl-cert package. See# /usr/share/doc/apache2/README.Debian.gz for more info.# If both key and certificate are stored in the same file, only the# SSLCertificateFile directive is needed.# SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem# SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.keySSLCertificateFile /etc/apache2/ssl/hongweizhu.com_public.crtSSLCertificateKeyFile /etc/apache2/ssl/hongweizhu.com.key
没有设置中间证书链(SSLCertificateChainFile)
没有配置 chain.crt 哈哈哈哈哈
以前我想过,怎么申请的证书解压后有 3 个文件
而 apache 示例代码只给了两个,之前就配置了两条,web 浏览器,iOS 用没问题,就没管第三个文件
https://www.ssllabs.com/index.html
直到现在树莓派请求失败,android 请求失败。。。。。。
就这样吧,哈哈哈哈哈
希望对你有些帮助。
有错误或者疑问留言。
我的个人网站 点击访问 hongweizhu.com。
END
推荐一下我写的的 App 熊猫小账本,里面有用到这篇博客讲的内容
熊猫小账本 一个简洁的记账 App,用于记录日常消费开支收入,使用 iCloud 保存同步数据。
- 支持备注,自定义时间偶尔忘记记账也没关系。
- 搜索历史记账,支持分类、金额、备注。
- 启动时需要面容/指纹验证,保护个人隐私。
- 支持自定义分类功能,自由添加修改分类。
- 统计图表,支出收入一目了然。
- 每天提醒记账,不会有其他推送。
- 桌面锁屏小组件等。
点击了解更多详情 👀