Hello. I’m trying to connect to a server with https. I have the certificate which is a self signed certificate which is being included in the verify parameter but the result is an error ‘certificate verify failed’ error. I was suspecting it had to do with the certificate being self signed (by Microsoft IIS) but with curl this works.
Thanks in advance!
This is the openssl output:
openssl s_client -showcerts -connect server:44300
CONNECTED(00000003)
depth=0 CN = server
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = server
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/CN=server
i:/CN=server
-----BEGIN CERTIFICATE-----
<certificate data here>
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=server
issuer=/CN=server
---
No client certificate CA names sent
Peer signing digest: SHA1
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1477 bytes and written 431 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: CC4A000083B1E03B446416C9C0B16CBEAB79949E3CF5C936A309A6F92FA01364
Session-ID-ctx:
Master-Key: 798A570B0EC2A0CBB7C4C4DE6167E7579A92239942D869CD794B8BEBEA6EB5E492394634AD32665A8BB829DE1F3858D2
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1510329948
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
Expected Result
I’m expecting, since the certificate is in the verify parameter, that the connection won’t fail. If I try the same with curl outside python it works:
curl https://server:44300 --cacert /usr/share/ca-certificates/server.crt
HTTP/1.1 403 Forbidden
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 1158
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
P3P: CP=None
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type
Access-Control-Allow-Credentials: true
Date: Fri, 10 Nov 2017 16:02:26 GMT
(It fails but not because of certificate issues)
Actual Result
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "xxxxx/TestVirtualEnv/local/lib/python2.7/site-packages/requests/api.py", line 72, in get
return request('get', url, params=params, **kwargs)
File "xxxxx/TestVirtualEnv/local/lib/python2.7/site-packages/requests/api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
File "xxxxx/TestVirtualEnv/local/lib/python2.7/site-packages/requests/sessions.py", line 508, in request
resp = self.send(prep, **send_kwargs)
File "xxxxx/TestVirtualEnv/local/lib/python2.7/site-packages/requests/sessions.py", line 618, in send
r = adapter.send(request, **kwargs)
File "xxxxx/TestVirtualEnv/local/lib/python2.7/site-packages/requests/adapters.py", line 506, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='nlybstqvp4nb75n.code1.emi.philips.com', port=44300): Max retries exceeded with url: / (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
Reproduction Steps
import requests requests.get('https://server:44300', verify='/usr/share/ca-certificates/server.crt')
System Information
$ python -m requests.help
{
"chardet": {
"version": "3.0.4"
},
"cryptography": {
"version": "2.1.3"
},
"idna": {
"version": "2.6"
},
"implementation": {
"name": "CPython",
"version": "2.7.12"
},
"platform": {
"release": "4.10.0-38-generic",
"system": "Linux"
},
"pyOpenSSL": {
"openssl_version": "1010007f",
"version": "17.3.0"
},
"requests": {
"version": "2.18.4"
},
"system_ssl": {
"version": "1000207f"
},
"urllib3": {
"version": "1.22"
},
"using_pyopenssl": true
}
This command is only available on Requests v2.16.4 and greater. Otherwise,
please provide some basic information about your system (Python version,
operating system, &c).
Содержание
- SSLError «bad handshake: Error([(‘SSL routines’, ‘tls_process_server_certificate’, ‘certificate verify failed’)],) with self signed certificate #4381
- Comments
- Expected Result
- Actual Result
- Reproduction Steps
- System Information
- bad handshake error with ssl3 #3774
- Comments
SSLError «bad handshake: Error([(‘SSL routines’, ‘tls_process_server_certificate’, ‘certificate verify failed’)],) with self signed certificate #4381
Hello. I’m trying to connect to a server with https. I have the certificate which is a self signed certificate which is being included in the verify parameter but the result is an error ‘certificate verify failed’ error. I was suspecting it had to do with the certificate being self signed (by Microsoft IIS) but with curl this works.
Thanks in advance!
This is the openssl output:
Expected Result
I’m expecting, since the certificate is in the verify parameter, that the connection won’t fail. If I try the same with curl outside python it works:
(It fails but not because of certificate issues)
Actual Result
Reproduction Steps
System Information
This command is only available on Requests v2.16.4 and greater. Otherwise,
please provide some basic information about your system (Python version,
operating system, &c).
The text was updated successfully, but these errors were encountered:
BTW, this is Ubuntu 16.04
This error is almost certainly because the certificate itself is invalid in some way. Can you provide the PEM-encoded certificate itself, please?
Hi. Thanks for the quick answer. This is the certificate:
——BEGIN CERTIFICATE——
MIID3TCCAsWgAwIBAgIIU/nMdlbWojMwDQYJKoZIhvcNAQELBQAwMDEuMCwGA1UE
AwwlTkxZQlNUUVZQNE5CNzVOLmNvZGUxLmVtaS5waGlsaXBzLmNvbTAeFw0xNzEx
MTAwMDAwMDBaFw0yNzExMTAwMDAwMDBaMDAxLjAsBgNVBAMMJU5MWUJTVFFWUDRO
Qjc1Ti5jb2RlMS5lbWkucGhpbGlwcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3mzWep6k1/FbkzzoyZ8QBy/tE8adfwKvw80zaLL+car1bBZ9U
VIXs4es3babtjD3QJWP5/mwoBdIp8gvQkjA1X7RBNJZXbPz6hGR4eqaeRQLrFV9Y
TtB92MA9CDpCXfalCvzzO1jw3zvP1BHUdnTQEwSnnwtf/Ryaud+e7TDxGq8LThmc
glZgO8d2zaYpIjwWx92bXDF/qlqWBkH5mtKIkWOw6Y71xz0Di62cFrMAPEGBjK3c
szpBa5Ttb9+SFtl16t2xDyCbiPFkoMW/4u3Husy/i18hLhEuQwZMHnWsocm+etZ4
8fDt5Bqhab8zC+LKS+Ll7qZdqMHzobeB6j5JAgMBAAGjgfowgfcwXwYDVR0jBFgw
VoAUGdJ3os9nPtTubuwcy1ugtDMdSMChNKQyMDAxLjAsBgNVBAMMJU5MWUJTVFFW
UDROQjc1Ti5jb2RlMS5lbWkucGhpbGlwcy5jb22CCFP5zHZW1qIzMB0GA1UdDgQW
BBQZ0neiz2c+1O5u7BzLW6C0Mx1IwDAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIE
sDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0RBDQwMoIlTkxZ
QlNUUVZQNE5CNzVOLmNvZGUxLmVtaS5waGlsaXBzLmNvbYIJbG9jYWxob3N0MA0G
CSqGSIb3DQEBCwUAA4IBAQC0MtflowNB4LTLKD1MW3w0QIY5ale3/sEhNCQgHGN5
iNZJptFuFt5jgPGmFjy0Pb5vLMS/Ag1RF3UgTeZzFnaSgyB4mTnwj1gLdwQidVcr
2SlL7TffCj0m/bYjtNbwExRqXE4pQKb5RKwYwpruZaX/G3oHWOG9+2X9Pw5C42zB
OFE4KvYUwOV+noabXvil8LERIdKYxR/2B6qBiwm47IcioqM07zTYLHJ+WDTEMO2k
Qy51yXwFmeOEr5MIBElYCQ0j2AfI4RCXr+2cyUym7tjEr3/I8EsZ5Crvdf++Gwaz
2A05ScPMr+5yfVXygZCenMTwNAyUY1yN9zVj8/n94Psa
——END CERTIFICATE——
I know is not entirely valid. But somehow curl is able to accept it. I was wondering why requests does not do the same. I assumed both use openssl to validate the certificate.
Any updates on this? I am also facing issue with self sign certified sites in python request library.
Getting below error.
requests.get(‘https://10.10.24.20′, verify=’/etc/ssl/certs/certSIGN_ROOT_CA.pem’)
Traceback (most recent call last):
File «», line 1, in
File «/usr/local/lib/python2.7/dist-packages/requests/api.py», line 72, in get
return request(‘get’, url, params=params, **kwargs)
File «/usr/local/lib/python2.7/dist-packages/requests/api.py», line 58, in request
return session.request(method=method, url=url, **kwargs)
File «/usr/local/lib/python2.7/dist-packages/requests/sessions.py», line 508, in request
resp = self.send(prep, **send_kwargs)
File «/usr/local/lib/python2.7/dist-packages/requests/sessions.py», line 618, in send
r = adapter.send(request, **kwargs)
File «/usr/local/lib/python2.7/dist-packages/requests/adapters.py», line 506, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host=’10.10.24.20′, port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(«bad handshake: Error([(‘SSL routines’, ‘tls_process_server_certificate’, ‘certificate verify failed’)],)»,),))
If i keep verify False it works but i want it with verify=True
I didn’t see this before so I opened a new issue, sorry about that. But I’m facing same issue. For me ‘request’ fails even with verify=False.
$ python
Python 2.7.13 (default, Jan 19 2017, 14:48:08)
[GCC 6.3.0 20170118] on linux2
Type «help», «copyright», «credits» or «license» for more information.
import requests
requests.get(«https://localhost:9000/getcpuinfo», verify=False)
Traceback (most recent call last):
File «», line 1, in
File «/usr/lib/python2.7/dist-packages/requests/api.py», line 70, in get
return request(‘get’, url, params=params, **kwargs)
File «/usr/lib/python2.7/dist-packages/requests/api.py», line 56, in request
return session.request(method=method, url=url, **kwargs)
File «/usr/lib/python2.7/dist-packages/requests/sessions.py», line 488, in request
resp = self.send(prep, **send_kwargs)
File «/usr/lib/python2.7/dist-packages/requests/sessions.py», line 609, in send
r = adapter.send(request, **kwargs)
File «/usr/lib/python2.7/dist-packages/requests/adapters.py», line 497, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: («bad handshake: SysCallError(-1, ‘Unexpected EOF’)»,)
My local certificate info is,
Please do not hijack this issue. In general you should be using Stack Overflow to ask these questions: if you overload the issue with requests you just make me inclined to close it.
@sg77 Your certificate is marked CA=FALSE , which makes it ineligible to be an issuing certificate. I suspect curl is customising their code to use this certificate as a pin, rather than as a root CA. Requests does not do that: this certificate cannot be a root CA, so it does not validate.
I recommend minting a new certificate with CA=TRUE , or omitting the BasicConstraints altogether.
@ashwini-kaklij I have no idea why your verification is failing, because I can’t see the certificate. Please do not post it here: direct your question to StackOverflow instead.
@uttampawar Your error is caused by the server not liking our TLS handshake for some reason. In the absence of more details I cannot determine why. Please, again, take your question to Stack Overflow.
@Lukasa I didn’t mean to hijack the issue just elevate. May be this is a wrong place. I added my comments and observation since I saw it’s of similar nature. I appreciate your feedback. I’ll ask on stackoverflow. Thanks.
Please do not hijack this issue. In general you should be using Stack Overflow to ask these questions: if you overload the issue with requests you just make me inclined to close it.
@sg77 Your certificate is marked CA=FALSE , which makes it ineligible to be an issuing certificate. I suspect curl is customising their code to use this certificate as a pin, rather than as a root CA. Requests does not do that: this certificate cannot be a root CA, so it does not validate.
I recommend minting a new certificate with CA=TRUE , or omitting the BasicConstraints altogether.
@ashwini-kaklij I have no idea why your verification is failing, because I can’t see the certificate. Please do not post it here: direct your question to StackOverflow instead.
@uttampawar Your error is caused by the server not liking our TLS handshake for some reason. In the absence of more details I cannot determine why. Please, again, take your question to Stack Overflow.
Hi Lukasa — Just seen your reply. You have replied to @sg77 saying «Your certificate is marked CA=FALSE «.
How do you tell this is false and where/how can I set this back to TRUE?
posting the certificate key online is like posting your password
posting the certificate key online is like posting your password
Umm, no. Posting the certificate’s private key is equivalent to your password.
Every CA in business has their certificate in every mainstream OS and browser. Are they giving their password away to everyone?
This error is almost certainly because the certificate itself is invalid in some way. Can you provide the PEM-encoded certificate itself, please?
how can i access to this certificate ?
If you are beginner to python requests module and want to do some stuffs that requires accessing secure sites, there is high chance that you will be doomed by this error — Certificate verify failed and like all beginner programmers you will be tempted to use auth = session.post( mysecureurl, verify=false)
But this is very bad practice and have been discouraged over a lots of SO posts, but still beginners misuse this because the error is so sucky to fix.
Let me attempt to throw some light on this issue.
Python(pip) and Conda and whatsoever python based software uses separate certificate store just like all browsers do. The Python Requests library uses its own CA file by default, or will use the certifi package’s certificate bundle if installed. Also, pip does not use the system certs unlike the curl do.
Hence the for the requests you have to manually specify the certificate store through the conda or pip.
- Export all the .cer encoded certificate chain using browser as per this amazing blog shown over here. Note, that blog is not about conda certstore but git certstore and it only says to export the root, however I exported all the certificate chains into separate files.
- Next, install certifi using command pip install certifi
- Check the default path of the cert store of conda or python:
import ssl
ssl.get_default_verify_paths() OR
import certifi
certifi.where()
Once you have located the default cacert.pem file, open this (preferably into Notepad++) and append all the certificate at the end of file. (Take care of certificate demarcation ——BEGIN CERTIFICATE—— and ——END CERTIFICATE—— ). Save the file and that is it.
Or if you are using conda use the conda commands:
conda config —set ssl_verify
.crt
(I have noticed this command updates stuff in C:Usersjohndoe.condarc )
Use the below code to verify:
import certifi
auth = session.post(‘https://mysecuresite.com/’, cert=());
Also, if you are on linux, you can export custom cacert into system-wide or user profile ( .bashrc or .bash_profile ) using this link.
Источник
bad handshake error with ssl3 #3774
I have an inhouse IIS server with ssl3 but an expired certificate, so I used requests without certificate verification and it was working fine with requests 2.11.1. But after I upgrade requests to 2.12.0, there was an error occured.
error message:
Traceback (most recent call last):
File «c:python35libsite-packagesrequestspackagesurllib3contribpyopenssl.py», line 417, in wrap_socket
cnx.do_handshake()
File «c:python35libsite-packagesOpenSSLSSL.py», line 1426, in do_handshake
self._raise_ssl_error(self._ssl, result)
File «c:python35libsite-packagesOpenSSLSSL.py», line 1167, in _raise_ssl_error
raise SysCallError(-1, «Unexpected EOF»)
OpenSSL.SSL.SysCallError: (-1, ‘Unexpected EOF’)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File «c:python35libsite-packagesrequestspackagesurllib3connectionpool.py», line 594, in urlopen
chunked=chunked)
File «c:python35libsite-packagesrequestspackagesurllib3connectionpool.py», line 350, in _make_request
self._validate_conn(conn)
File «c:python35libsite-packagesrequestspackagesurllib3connectionpool.py», line 835, in validate_conn
conn.connect()
File «c:python35libsite-packagesrequestspackagesurllib3connection.py», line 323, in connect
ssl_context=context)
File «c:python35libsite-packagesrequestspackagesurllib3utilssl.py», line 324, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File «c:python35libsite-packagesrequestspackagesurllib3contribpyopenssl.py», line 424, in wrap_socket
raise ssl.SSLError(‘bad handshake: %r’ % e)
ssl.SSLError: («bad handshake: SysCallError(-1, ‘Unexpected EOF’)»,)
.
I tried to downgrade requests to 2.11.1 and the error was gone. I have no idea how to fix this.
The text was updated successfully, but these errors were encountered:
This is almost certainly because the server in question only supports 3DES as a cipher, which we dropped from our default cipher list because it’s insecure. If you operate the server I strongly encourage you to upgrade its cipher suite configuration to support something secure.
I think you are right. But I don’t run the server. It seems I have to strick to 2.11.1 for good.
There are other options. It is possible to configure a custom SSLContext object that can do what you need. You need a custom HTTPAdapter:
This should work. Please avoid using this too much, and also ensure that you put pressure on the server administrator to update their config: they have no secure cipher suites in their config now, which is pretty unacceptable.
@Lukasa thank you for your reply, but your code doesn’t work for me.
here are my code(minor modified on yours):
same error msg appears:
and under 2.11.1, there was another error which i can fix it by removing the ssl_context key:
Hrm, it’s also possible that you’re using PyOpenSSL when you aren’t expecting to be. Can you show me the output of pip freeze ?
For reference, the line:
or the error adapter won’t be used correctly.
@Lukasa yes, i installed PyOpenSSL but I don’t think it’s the cause. I uninstalled it and the error changed to the following:
now the pip freeze is:
C:Usersbigbagboom>pip freeze
alabaster==0.7.9
anaconda-client==1.4.0
anaconda-navigator==1.1.0
argcomplete==1.0.0
astroid==1.4.8
astropy==1.1.2
Babel==2.3.4
beautifulsoup4==4.4.1
bitarray==0.8.1
blaze==0.9.1
bokeh==0.11.1
boto==2.39.0
Bottleneck==1.0.0
certifi==2016.9.26
cffi==1.9.1
chest==0.2.3
click==6.6
cloudpickle==0.1.1
clyent==1.2.1
colorama==0.3.7
comtypes==1.1.2
conda==4.0.5
conda-build==1.20.0
conda-env==2.4.5
conda-manager==0.3.1
configobj==5.0.6
cryptography==1.7.1
cycler==0.10.0
Cython==0.23.4
cytoolz==0.7.5
dask==0.8.1
datashape==0.5.1
decorator==4.0.10
dill==0.2.4
docutils==0.13.1
dynd===c328ab7
entrypoints==0.2.2
et-xmlfile==1.0.1
fastcache==1.0.2
Flask==0.11.1
Flask-Cors==2.1.2
future==0.16.0
gevent==1.1.2
greenlet==0.4.11
h5py==2.5.0
HeapDict==1.0.0
idna==2.1
imagesize==0.7.1
ipykernel==4.5.2
ipython==5.1.0
ipython-genutils==0.1.0
ipywidgets==4.1.1
isort==4.2.5
itsdangerous==0.24
jdcal==1.3
jedi==0.9.0
Jinja2==2.8
jsonschema==2.5.1
jupyter==1.0.0
jupyter-client==4.4.0
jupyter-console==4.1.1
jupyter-core==4.2.1
lazy-object-proxy==1.2.2
llvmlite==0.9.0
locket==0.2.0
lxml==3.6.0
MarkupSafe==0.23
matplotlib==1.5.1
mccabe==0.5.3
menuinst==1.3.2
mistune==0.7.3
mpmath==0.19
multipledispatch==0.4.8
nbconvert==4.3.0
nbformat==4.2.0
ndg-httpsclient==0.4.2
networkx==1.11
nltk==3.2
nose==1.3.7
notebook==4.1.0
ntlm-auth==1.0.2
numba==0.24.0
numexpr==2.6.1
numpy==1.11.2
odo==0.4.2
openpyxl==2.4.1
ordereddict==1.1
pandas==0.18.0
partd==0.3.2
path.py==0.0.0
patsy==0.4.0
pep8==1.7.0
pickleshare==0.7.4
Pillow==3.4.2
ply==3.8
prompt-toolkit==1.0.9
psutil==5.0.0
py==1.4.31
pyasn1==0.1.9
pycosat==0.6.1
pycparser==2.17
pycrypto==2.6.1
pyexcel==0.3.3
pyexcel-io==0.2.4
pyexcel-xls==0.2.0
pyexcel-xlsx==0.2.3
pyflakes==1.3.0
Pygments==2.1.3
pylint==1.6.4
pyparsing==2.0.3
pyreadline==2.1
pytest==2.8.5
python-dateutil==2.5.1
python-ntlm3==1.0.2
pytz==2016.10
pywin32==220
PyYAML==3.11
pyzmq==16.0.2
QtAwesome==0.3.3
qtconsole==4.2.1
QtPy==1.1.2
requests==2.12.0
requests-ntlm==1.0.0
requests-toolbelt==0.7.0
rope-py3k==0.9.4.post1
scikit-image==0.12.3
scikit-learn==0.17.1
scipy==0.17.0
simplegeneric==0.8.1
singledispatch==3.4.0.3
six==1.10.0
snowballstemmer==1.2.1
sockjs-tornado==1.0.1
sphinx-rtd-theme==0.1.9
spyder==2.3.8
SQLAlchemy==1.0.12
statsmodels==0.6.1
sympy==1.0
tables==3.3.0
texttable==0.8.7
toolz==0.7.4
tornado==4.4.2
traitlets==4.3.1
unicodecsv==0.14.1
urllib3==1.19.1
wcwidth==0.1.7
Werkzeug==0.11.11
win-unicode-console==0.5
wrapt==1.10.8
xlrd==0.9.4
XlsxWriter==0.8.4
xlwings==0.7.0
xlwt==1.1.2
xlwt-future==0.8.0
And for reference, here is some output(successful) with curl 7.50.3:
Источник
The API calls now work on Postman. However, interestingly Python returns an SSL error leading to bad handshake. Please find below a series of cascading errors.
[Running] python -u «c:ProjectsStep_Up_BootcampTravelexsbxclient.py»
Traceback (most recent call last):
File «C:UsersanimepauAnaconda3libsite-packagesurllib3contribpyopenssl.py», line 485, in wrap_socket
cnx.do_handshake()
File «C:UsersanimepauAnaconda3libsite-packagesOpenSSLSSL.py», line 1934, in do_handshake
self._raise_ssl_error(self._ssl, result)
File «C:UsersanimepauAnaconda3libsite-packagesOpenSSLSSL.py», line 1663, in _raise_ssl_error
raise SysCallError(errno, errorcode.get(errno))
OpenSSL.SSL.SysCallError: (10054, ‘WSAECONNRESET’)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File «C:UsersanimepauAnaconda3libsite-packagesurllib3connectionpool.py», line 672, in urlopen
chunked=chunked,
File «C:UsersanimepauAnaconda3libsite-packagesurllib3connectionpool.py», line 376, in _make_request
self._validate_conn(conn)
File «C:UsersanimepauAnaconda3libsite-packagesurllib3connectionpool.py», line 994, in _validate_conn
conn.connect()
File «C:UsersanimepauAnaconda3libsite-packagesurllib3connection.py», line 360, in connect
ssl_context=context,
File «C:UsersanimepauAnaconda3libsite-packagesurllib3utilssl_.py», line 370, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File «C:UsersanimepauAnaconda3libsite-packagesurllib3contribpyopenssl.py», line 491, in wrap_socket
raise ssl.SSLError(«bad handshake: %r» % e)
ssl.SSLError: («bad handshake: SysCallError(10054, ‘WSAECONNRESET’)»,)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File «C:UsersanimepauAnaconda3libsite-packagesrequestsadapters.py», line 449, in send
timeout=timeout
File «C:UsersanimepauAnaconda3libsite-packagesurllib3connectionpool.py», line 720, in urlopen
method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
File «C:UsersanimepauAnaconda3libsite-packagesurllib3utilretry.py», line 436, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host=’sandbox.api.visa.com’, port=443): Max retries exceeded with url: /bia/service/v1/scorerange (Caused by SSLError(SSLError(«bad handshake: SysCallError(10054, ‘WSAECONNRESET’)»)))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File «c:ProjectsStep_Up_BootcampTravelexsbxclient.py», line 42, in <module>
response = requests.post(url, verify = (CA_Cert), cert = (client_cert, privateKey), headers = headers, auth = (user_id, password), data = body)
File «C:UsersanimepauAnaconda3libsite-packagesrequestsapi.py», line 116, in post
return request(‘post’, url, data=data, json=json, **kwargs)
File «C:UsersanimepauAnaconda3libsite-packagesrequestsapi.py», line 60, in request
return session.request(method=method, url=url, **kwargs)
File «C:UsersanimepauAnaconda3libsite-packagesrequestssessions.py», line 533, in request
resp = self.send(prep, **send_kwargs)
File «C:UsersanimepauAnaconda3libsite-packagesrequestssessions.py», line 646, in send
r = adapter.send(request, **kwargs)
File «C:UsersanimepauAnaconda3libsite-packagesrequestsadapters.py», line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host=’sandbox.api.visa.com’, port=443): Max retries exceeded with url: /bia/service/v1/scorerange (Caused by SSLError(SSLError(«bad handshake: SysCallError(10054, ‘WSAECONNRESET’)»)))
[Done] exited with code=1 in 1.539 seconds