New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ssl error #419
Comments
Most likely this is because Python doesn't recognize the certificate authority that signed the certificate for that server. There were several changes around this in recent Python versions. Try creating a SSL connection without websockets, directly with https://docs.python.org/3/library/asyncio-eventloop.html?highlight=create_connection#asyncio.AbstractEventLoop.create_connection. |
import asyncio
import websockets
import ssl
print(ssl.OPENSSL_VERSION)
async def hello(uri):
reader, writer = await asyncio.open_connection('broadcastlv.chat.bilibili.com', 2245, ssl=True)
async with websockets.connect(uri) as websocket:
await websocket.send("Hello world!")
asyncio.get_event_loop().run_until_complete(hello('wss://broadcastlv.chat.bilibili.com:2245/sub')) OpenSSL 1.1.0g 2 Nov 2017 |
That is wired. But it is Python's fault. Can you give me some messages about it? I want to find out the reason, like this websocket(broadcastlv.chat.bilibili.com) is out-of-date or Python has some bugs. |
You can pass |
@aaugustin - I'm having the same problem... any idea on what might be wrong
gives:
if I pass
python
also fixes described here and here don't work for me also tried other socket libraries like websockets-client and autobahn, but was always getting the same results. btw, everything works fine via js:
|
Get websockets out of the equation and try opening a connection with: import asyncio
import ssl
loop = asyncio.get_event_loop()
ssl_context = ssl.SSLContext()
# customize ssl_context so it works for your server...
loop.run_until_complete(loop.open_connection('10.20.0.166', 11443, ssl=ssl_context)) Once this works — and I can't help you there — try doing the same with websockets. If it works, you're all set. If it doesn't, then it's a bug. |
There's a good summary of things to consider here: https://docs.python.org/3/library/ssl.html#ssl-security |
@aaugustin - so, if this works:
and this prints only
|
Yes, exactly. |
I used the following code and found that the only import asyncio
import ssl
import websockets
HOST = "example.com"
PORT = 443
ENDPOINT = "wss://%s:%s/brabrabra"
async def test1():
_, w = await asyncio.open_connection(HOST, PORT, ssl=ssl.SSLContext())
w.write(b"ping\n")
print("test1 passed")
async def test2():
_, w = await asyncio.open_connection(HOST, PORT)
w.write(b"ping\n")
print("test2 passed")
async def test3():
async with websockets.connect(ENDPOINT % (HOST, PORT), ssl=ssl.SSLContext()) as ws:
await ws.send(b"ping\n")
print("test3 passed")
async def test4():
async with websockets.connect(ENDPOINT % (HOST, PORT)) as ws:
await ws.send(b"ping\n")
print("test4 passed")
loop = asyncio.get_event_loop()
loop.run_until_complete(test1())
loop.run_until_complete(test2())
loop.run_until_complete(test3())
loop.run_until_complete(test4()) While the document of
NOTE: NOTE: I noticed that if I use NOTE: Noticed that using import certifi
ssl_context = ssl.create_default_context(cafile=certifi.where()) |
The proper comparison would be: async def test2():
_, w = await asyncio.open_connection(HOST, PORT, ssl=True)
w.write(b"ping\n")
print("test2 passed") I expect this will fail like test4. |
Having this (as suggested by waaadim) solved it for me
|
Please don't disable certificate validation... It isn't hard to get it right. There are examples in websockets docs. It's like buckling your seatbelt in a car. Annoying, but just do it please. |
wss://broadcastlv.chat.bilibili.com:2245/sub
It is so strange since I can connect it in website without any warnings on chrome. But when I use websockets, it shows msg "class 'ssl.SSLError'> [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)".
The text was updated successfully, but these errors were encountered: