I try to get data from the website via https and got the error with SSL certificate, but when I run on my mac - all works fine.
I also try with curl and got the same error,
curl: (35) error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol
I run the parser in Docker container My Dockerfile:
FROM python:3.7
WORKDIR /parser
COPY ./requirements.txt .
RUN python -m pip install --upgrade pip
RUN pip install -r requirements.txt
COPY . /parser
I get the error below:
Traceback (most recent call last): │
│ File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 672, in urlopen │
│ chunked=chunked, │
│ File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 376, in _make_request │
│ self._validate_conn(conn) │
│ File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 994, in _validate_conn │
│ conn.connect() │
│ File "/usr/local/lib/python3.7/site-packages/urllib3/connection.py", line 394, in connect │
│ ssl_context=context, │
│ File "/usr/local/lib/python3.7/site-packages/urllib3/util/ssl_.py", line 370, in ssl_wrap_socket │
│ return context.wrap_socket(sock, server_hostname=server_hostname) │
│ File "/usr/local/lib/python3.7/ssl.py", line 423, in wrap_socket │
│ session=session │
│ File "/usr/local/lib/python3.7/ssl.py", line 870, in _create │
│ self.do_handshake() │
│ File "/usr/local/lib/python3.7/ssl.py", line 1139, in do_handshake │
│ self._sslobj.do_handshake() │
│ ssl.SSLError: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1076) │
│ During handling of the above exception, another exception occurred: │
│ Traceback (most recent call last): │
│ File "/usr/local/lib/python3.7/site-packages/requests/adapters.py", line 449, in send │
│ timeout=timeout │
│ File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py", line 720, in urlopen │
│ method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2] │
│ File "/usr/local/lib/python3.7/site-packages/urllib3/util/retry.py", line 436, in increment │
│ raise MaxRetryError(_pool, url, error or ResponseError(cause)) │
│ urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='life.pravda.com.ua', port=443): Max retries exceeded with url: /health/ (Caused by SSLError(SSLError(1, '[SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1076)')) │
│ )
I resolved my problem with following commands in Dockerfile:
RUN apt-get update \
&& apt-get install openssl \
&& apt-get install ca-certificates
And also need to add python package pyopenssl
in requirements.txt
I'm sure it's not about Docker or certificate but you're need to check which of protocols that server could talk, like this:
nmap --script ssl-enum-ciphers -p 443 this-is-your-site.com
then setup SSL context that should works in your case:
import ssl
ssl_context = ssl.create_default_context()
# Sets up old and insecure TLSv1.
ssl_context.options &= ~ssl.OP_NO_TLSv1_3 & ~ssl.OP_NO_TLSv1_2 & ~ssl.OP_NO_TLSv1_1
ssl_context.minimum_version = ssl.TLSVersion.TLSv1
and use custom HTTPAdapter for this mountpoint this-is-your-site.com.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With