certificate verify failed: unable to get local issuer certificate(ssl.c:1091)
时间:2020-01-09 10:38:17 来源:igfitidea点击:
当我在FreeBSD系统上安装s3cmd软件包并使用s3cmd命令时,出现以下错误:
ERROR: Test failed: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)
ERROR:测试失败:[SSL:CERTIFICATE_VERIFY_FAILED]证书验证失败:无法获取本地发行者证书(_ssl.c:1091)
如何在FreeBSD Unix系统上解决此问题?
Amazon Simple Storage Service(s3)是通过Web服务接口或API的对象存储。
您可以存储各种文件。
FreeBSD是免费的开源操作系统。
s3cmd是一个命令行实用程序,用于类似于Unix的系统从命令行将文件上传,下载到AWS S3服务。
错误:测试失败:[SSL:CERTIFICATE_VERIFY_FAILED]证书验证失败错误和解决方案
此错误表明您没有正确安装软件包,尤其是SSL证书。
让我们看看如何解决此问题,并在FreeBSD上正确安装s3cmd来解决该问题。
如何在FreeBSD上安装s3cmd
搜索s3cmd软件包:
$ pkg search s3cmd
执行以下命令并确保您安装了Python 3.x软件包,因为2020年之后将删除Python 2:
$ sudo pkg install py37-s3cmd-2.1.0
FreeBSD安装ca_root_nss软件包
执行以下pkg命令以安装根证书以摆脱测试失败的错误:[SSL:CERTIFICATE_VERIFY_FAILED]错误:
$ sudo pkg update $ sudo pkg install ca_root_nss
配置s3cmd
运行以下命令:
$ s3cmd --configure
确保输入正确的值:
Enter new values or accept defaults in brackets with Enter. Refer to user manual for detailed description of all options. Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables. Access Key : YOUR_AWS_KEY_HERE Secret Key : YOUR_AWS_Secret_KEY_HERE Default Region [US]: Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3. S3 Endpoint [s3.amazonaws.com]: Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used if the target S3 system supports dns based buckets. DNS-style bucket+hostname:port template for accessing a bucket [%(bucket)s.s3.amazonaws.com]: Encryption password is used to protect your files from reading by unauthorized persons while in transfer to S3 Encryption password: Path to GPG program: When using secure HTTPS protocol all communication with Amazon S3 servers is protected from 3rd party eavesdropping. This method is slower than plain HTTP, and can only be proxied with Python 2.7 or newer Use HTTPS protocol [Yes]: On some networks all internet access must go through a HTTP proxy. Try setting it here if you can't connect to S3 directly HTTP Proxy server name: New settings: Access Key: YOUR_AWS_KEY_HERE Secret Key: YOUR_AWS_Secret_KEY_HERE Default Region: US S3 Endpoint: s3.amazonaws.com DNS-style bucket+hostname:port template for accessing a bucket: %(bucket)s.s3.amazonaws.com Encryption password: Path to GPG program: None Use HTTPS protocol: True HTTP Proxy server name: HTTP Proxy server port: 0 Test access with supplied credentials? [Y/n] Y Please wait, attempting to list all buckets... Success. Your access key and secret key worked fine :-) Now verifying that encryption works... Not configured. Never mind.
测试一下
运行以下命令:
$ s3cmd ls $ s3cmd sync /path/to/local/dir s3://bucket-name/file $ s3cmd ls
在启用HTTPS支持的FreeBSD盒/监狱上测试s3cmd