aiohttp session failed to trust ssl certificate

Created on 22 Sep 2016  路  5Comments  路  Source: aio-libs/aiohttp

Long story short

I wanna sniffer https requests but failed with the sslError

  1. I'm using charles to sniffer the https requests by session of aiohttp.
  2. I've made key chains trusts my charles root certificate on my mac OSX.
  3. Then I found that my chrome trusts charles, but python aiohttp do not.

Expected behaviour

I wanna let aiohttp session trust my charles root certificate(my os has trusted it already), or skip ssl verify.

Actual behaviour

Neigher does the aiohttp session trust chrales certificate, nor does it skip ssl verify

Steps to reproduce

import asyncio
import aiohttp

async def sync(i):
    url = 'https://baidu.com'
    async with aiohttp.ClientSession() as session:
        print('synci'+i)
        data = {
            'key': 'abc',
        }

        async with session.post(url, data=data,proxy="http://127.0.0.1:8888") as resp:
            #assert await resp.json() == { "cookies": {"cookies_are": "working"}}
            print(await resp.text())

async def f1(i):
    print('init'+str(i));
    await sync(str(i));
r1=f1(1)
r2=f1(2)
print('start')
asyncio.get_event_loop().run_until_complete(asyncio.gather(*[ r1, r2, ]))

Output:

 ssl.SSLError: [SSL] shutdown while in init (_ssl.c:2098)

Your environment

python3.5.2
mac osx

outdated
Source
picture ahuigo
👍2

Most helpful comment

Unfortunately the issue is out of scope of aiohttp.

You could create aiohttp.Connector with custom ssl_context (see https://docs.python.org/3/library/ssl.html for how to create ssl context object).
Perhaps you have to configure the context properly using your cert chains.

P.S. aiohttp.Connector(verify_ssl) disables SSL certs verification.

picture asvetlov on 22 Sep 2016
👍3

All 5 comments

Unfortunately the issue is out of scope of aiohttp.

You could create aiohttp.Connector with custom ssl_context (see https://docs.python.org/3/library/ssl.html for how to create ssl context object).
Perhaps you have to configure the context properly using your cert chains.

P.S. aiohttp.Connector(verify_ssl) disables SSL certs verification.

asvetlov picture asvetlov on 22 Sep 2016
👍3

@asvetlov
Unfortunately, _aiohttp's seesion_ does not support Connector: TypeError: _request() got an unexpected keyword argument 'connector'

import asyncio
import aiohttp

async def sync(i):
    url = 'https://baidu.com'
    async with aiohttp.ClientSession() as session:
        print('synci'+i)
        data = {
            'key': 'abc',
        }

        help(session.post)
        async with session.post(url, data=data,proxy="http://127.0.0.1:8888", connector=aiohttp.TCPConnector(verify_ssl=False)) as resp:
            #assert await resp.json() == { "cookies": {"cookies_are": "working"}}
            print(await resp.text())

async def f1(i):
    print('init'+str(i));
    await sync(str(i));
r1=f1(1)
r2=f1(2)
print('start')
asyncio.get_event_loop().run_until_complete(asyncio.gather(*[ r1, r2, ]))
ahuigo picture ahuigo on 22 Sep 2016

Pass connector instance into aiohttp.ClientSession constructor, not into session.post() coroutine.

asvetlov picture asvetlov on 22 Sep 2016

@asvetlov It works, many thanks!

ahuigo picture ahuigo on 22 Sep 2016

This thread has been automatically locked since there has not been
any recent activity after it was closed. Please open a [new issue] for
related bugs.

If you feel like there's important points made in this discussion,
please include those exceprts into that [new issue].

lock[bot] picture lock[bot] on 29 Oct 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

asvetlov picture asvetlov  路  4Comments
amsb picture amsb  路  3Comments
JoseKilo picture JoseKilo  路  3Comments
sersorrel picture sersorrel  路  4Comments
Smosker picture Smosker  路  3Comments