我试图通过将上游服务器作为代理传递来终止NGINX上的SSL。 工作环境位于本地主机上
我已经想尽一切办法抑制这个错误,但它不会
NGINX配置
stream {
upstream stream_backend {
server localhost:5011;
}
server {
listen 80;
listen 443 ssl;
proxy_pass stream_backend;
ssl_certificate /etc/ssl/certs/proxypool.crt;
ssl_certificate_key /etc/ssl/private/proxypool.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_timeout 4h;
ssl_session_cache shared:SSL:20m;
}
}
生成证书的方式
sudo openssl req -x509 -nodes -days 9999 -newkey rsa:2048 \
-keyout /etc/ssl/private/proxypool.key \
-out /etc/ssl/certs/proxypool.crt
*所有提示的答案均为空
我执行请求的方式
proxies = {
'http': 'http://localhost',
'https': 'https://localhost'
}
response = requests.post(
'https://api.ipify.org?format=json',
proxies=proxies,
verify="/etc/ssl/certs/proxypool.pem"
)
错误
requests.exceptions.SSLError: HTTPSConnectionPool(host='api.ipify.org', port=443): Max retries exceeded with url: /?format=json (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1131)')))
我尝试过但没有成功的事情
verify=False
。结果certificate verify failed: Hostname mismatch, certificate is not valid for 'localhost'
将自签名证书添加到Python证书束中,通过以下方式检查其位置:
并将您的证书添加到该文件的末尾
相关问题 更多 >
编程相关推荐