Client certificate works in curl but not in Python
A comment on this answer helped me figure this out.
Update your code as such:
import requestscert_file_path = "file.crt.pem"key_file_path = "file.key.pem"cert = (cert_file_path, key_file_path)url = 'https://server.url'r = requests.post(url, cert=cert, verify="path/to/ca_public_keys.pem") # replace with your file
I'm assuming you're using a self-signed certificate, so you need to specify the .pem
file containing the public certificates of the CA that issued your self-signed certificate. Make sure to include the intermediate certificates, otherwise the requests library will throw the tlsv1 alert unknown ca
error.
You can check the issuer of your client certificate by typing openssl x509 -noout -in file.crt.pem -issuer
in a terminal.
Request module checks environmental variable REQUESTS_CA_BUNDLE for cert file. So just do this
export REQUESTS_CA_BUNDLE=/absolute/path/to/your/file.crt.pem
Your python code will simply be:
import requestsurl = 'https://server.url'r = requests.post(url)print(r.text)