如何使用 .p12 证书验证 rest api

How to use .p12 certificate to authenticate rest api

我收到了带有用户名和密码的证书.p12。
在我的系统中安装此证书后,我可以将 Rest Client 用于 post 请求。
我如何使用此证书通过 Python 请求方法对 Rest API 上的 post 请求进行身份验证?
我正在使用下面的代码,但它不起作用。

import requests
headers = {'Content-Type': 'application/json'}
payload = {'folder': '/Trial/trial_dir'}
response = requests.post('https://<IP>:8080/siteapi/availabletests', params=payload, headers=headers, verify='C:\Users\ukhare\Desktop\sigos\cert.p12', auth=('trial_test','trialtest'))

并出现以下错误:

Traceback (most recent call last):
  File "D:\m\Python34\lib\site-packages\urllib3\connection.py", line 171, in _new_conn
    (self._dns_host, self.port), self.timeout, **extra_kw)
  File "D:\m\Python34\lib\site-packages\urllib3\util\connection.py", line 79, in create_connection
    raise err
  File "D:\m\Python34\lib\site-packages\urllib3\util\connection.py", line 69, in create_connection
    sock.connect(sa)
ConnectionRefusedError: [WinError 10061] No connection could be made because the target machine actively refused it

During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "D:\m\Python34\lib\site-packages\urllib3\connectionpool.py", line 600, in urlopen
        chunked=chunked)
      File "D:\m\Python34\lib\site-packages\urllib3\connectionpool.py", line 343, in _make_request
        self._validate_conn(conn)
      File "D:\m\Python34\lib\site-packages\urllib3\connectionpool.py", line 849, in _validate_conn
        conn.connect()
      File "D:\m\Python34\lib\site-packages\urllib3\connection.py", line 314, in connect
        conn = self._new_conn()
      File "D:\m\Python34\lib\site-packages\urllib3\connection.py", line 180, in _new_conn
        self, "Failed to establish a new connection: %s" % e)
    urllib3.exceptions.NewConnectionError: <urllib3.connection.VerifiedHTTPSConnection object at 0x036B0230>: Failed to establish a new connection: [WinError 10061] No connection could be made because the target machine actively refused it

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "D:\m\Python34\lib\site-packages\requests\adapters.py", line 445, in send
        timeout=timeout
      File "D:\m\Python34\lib\site-packages\urllib3\connectionpool.py", line 638, in urlopen
        _stacktrace=sys.exc_info()[2])
      File "D:\m\Python34\lib\site-packages\urllib3\util\retry.py", line 398, in increment
        raise MaxRetryError(_pool, url, error or ResponseError(cause))
    urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='IP', port=8080): Max retries exceeded with url: /siteapi/availabletests?folder=%2FTrial%2Ftrial_dir (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x036B0230>: Failed to establish a new connection: [WinError 10061] No connection could be made because the target machine actively refused it',))

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
      File "D:\m\Python34\lib\site-packages\requests\api.py", line 112, in post
        return request('post', url, data=data, json=json, **kwargs)
      File "D:\m\Python34\lib\site-packages\requests\api.py", line 58, in request
        return session.request(method=method, url=url, **kwargs)
      File "D:\m\Python34\lib\site-packages\requests\sessions.py", line 512, in request
        resp = self.send(prep, **send_kwargs)
      File "D:\m\Python34\lib\site-packages\requests\sessions.py", line 622, in send
        r = adapter.send(request, **kwargs)
      File "D:\m\Python34\lib\site-packages\requests\adapters.py", line 513, in send
        raise ConnectionError(e, request=request)
    requests.exceptions.ConnectionError: HTTPSConnectionPool(host='IP', port=8080): Max retries exceeded with url: /siteapi/availabletests?folder=%2FTrial%2Ftrial_dir (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x036B0230>: Failed to establish a new connection: [WinError 10061] No connection could be made because the target machine actively refused it',))

参考:https://github.com/m-click/requests_pkcs12

我正在使用负载

data={"folder": "/Trial/trial_dir"}

这是一个字典,而它应该是一个正确的字典字符串

data='{"folder": "/Trial/trial_dir"}'

因此,以下是使用 python 成功 post 请求的结果:-

  1. Header 参数应该是一个字典。

例如

headers={'Content-Type': 'application/json'} 
  1. 数据参数应该是字符串格式的字典。

例如

data='{"folder": "/Trial/trial_dir"}'
  1. 验证应设置为 False:verify=False 以忽略验证 SSL 证书。

以下是我收到的请求的状态和内容:

>>> import json
>>> from requests_pkcs12 import get,post
>>> url = 'https://IP:8080/siteapi/availabletests'
>>> pkcs12_filename = 'C:\Users\ukhare\Desktop\tests\trial_tata.p12'
>>> pkcs12_password = 'trialtest'
>>> response = post(url, data='{"folder": "/Trial/trial_dir"}', headers={'Content-Type': 'application/json'}, verify=False, pkcs12_filename=pkcs12_filename,pkcs12_password=pkcs12_password)


D:\m\Python34\lib\site-packages\urllib3\connectionpool.py:857: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  InsecureRequestWarning)
>>> print(response.status_code)
200
>>> print(json.dumps(json.loads(response.content.decode("utf-8")), indent=4, separators=(',', ': '), sort_keys=True))
{
    "availableTests": [
        "/Trial/trial_test/HTTP_Download"
    ],
    "serviceError": null