JavaEar 专注于收集分享传播有价值的技术资料

SSL UNSUPPORTED_PROTOCOL Python 3 in Docker

I try to get data from the website via https and got the error with SSL certificate, but when I run on my mac - all works fine.

I also try with curl and got the same error,

curl: (35) error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol

I run the parser in Docker container My Dockerfile:

FROM python:3.7

WORKDIR /parser
COPY ./requirements.txt .

RUN python -m pip install --upgrade pip

RUN pip install -r requirements.txt

COPY . /parser

I get the error below:

 Traceback (most recent call last):                                                                                                                                                                                                       │
│     File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 672, in urlopen                                                                                                                                          │
│       chunked=chunked,                                                                                                                                                                                                                     │
│     File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 376, in _make_request                                                                                                                                    │
│       self._validate_conn(conn)                                                                                                                                                                                                            │
│     File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 994, in _validate_conn                                                                                                                                   │
│       conn.connect()                                                                                                                                                                                                                       │
│     File "/usr/local/lib/python3.7/site-packages/urllib3/connection.py", line 394, in connect                                                                                                                                              │
│       ssl_context=context,                                                                                                                                                                                                                 │
│     File "/usr/local/lib/python3.7/site-packages/urllib3/util/ssl_.py", line 370, in ssl_wrap_socket                                                                                                                                       │
│       return context.wrap_socket(sock, server_hostname=server_hostname)                                                                                                                                                                    │
│     File "/usr/local/lib/python3.7/ssl.py", line 423, in wrap_socket                                                                                                                                                                       │
│       session=session                                                                                                                                                                                                                      │
│     File "/usr/local/lib/python3.7/ssl.py", line 870, in _create                                                                                                                                                                           │
│       self.do_handshake()                                                                                                                                                                                                                  │
│     File "/usr/local/lib/python3.7/ssl.py", line 1139, in do_handshake                                                                                                                                                                     │
│       self._sslobj.do_handshake()                                                                                                                                                                                                          │
│   ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1076)                                                                                                                                                             │
│   During handling of the above exception, another exception occurred:                                                                                                                                                                      │
│   Traceback (most recent call last):                                                                                                                                                                                                       │
│     File "/usr/local/lib/python3.7/site-packages/requests/adapters.py", line 449, in send                                                                                                                                                  │
│       timeout=timeout                                                                                                                                                                                                                      │
│     File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 720, in urlopen                                                                                                                                          │
│       method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]                                                                                                                                                                      │
│     File "/usr/local/lib/python3.7/site-packages/urllib3/util/retry.py", line 436, in increment                                                                                                                                            │
│       raise MaxRetryError(_pool, url, error or ResponseError(cause))                                                                                                                                                                       │
│   urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='life.pravda.com.ua', port=443): Max retries exceeded with url: /health/ (Caused by SSLError(SSLError(1, '[SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1076)'))   │
│   )

3个回答

    最佳答案
  1. I resolved my problem with following commands in Dockerfile:

    RUN    apt-get update \
        && apt-get install openssl \
        && apt-get install ca-certificates
    
    

    And also need to add python package pyopenssl in requirements.txt

  2. 参考答案2
  3. I'm sure it's not about Docker or certificate but you're need to check which of protocols that server could talk, like this:

    nmap --script ssl-enum-ciphers -p 443 this-is-your-site.com
    

    then setup SSL context that should works in your case:

    import ssl
    ssl_context = ssl.create_default_context()
    # Sets up old and insecure TLSv1.
    ssl_context.options &= ~ssl.OP_NO_TLSv1_3 & ~ssl.OP_NO_TLSv1_2 & ~ssl.OP_NO_TLSv1_1
    ssl_context.minimum_version = ssl.TLSVersion.TLSv1
    

    and use custom HTTPAdapter for this mountpoint this-is-your-site.com.

  4. 参考答案3
  5. I had this issue on Python 3.8.1, but not Python 3.7.4 using mysql-connector-python. Then switching to pymysql resolved it. Just a heads up for future readers.