我为我的Hashicorp服务器使用以下config.hcl,
disable_mlock = true
storage "file" {
path = "/etc/secrets"
}
listener "tcp" {
address = "10.xx.xx.xx:8200"
tls_cert_file = "/etc/certs/selfsigned.crt"
tls_key_file = "/etc/certs/selfsigned.key"
}
它执行保险库操作时工作正常,但当我尝试使用hvac python库达到它时,我收到SSL错误 . 我用来从python连接到hashicorp服务器的代码是,
import hvac
client = hvac.Client(url='https://10.xx.xx.xx:8200', cert=('/etc/certs/selfsigned.crt', '/etc/certs/selfsigned.key'))
client.token = 'd460cb82-08aa-4b97-8655-19b6593b262d'
client.is_authenticated()
我得到的完整错误跟踪如下: -
回溯(最近一次调用最后一次):文件“”,第1行,在文件“/usr/local/lib/python2.7/dist-packages/hvac/v1/init.py”,第552行,在is_authenticated self中 . lookup_token()文件“/usr/local/lib/python2.7/dist-packages/hvac/v1/init.py”,第460行,在lookup_token中返回self._get('/ v1 / auth / token / lookup-self ',wrap_ttl = wrap_ttl).json()文件“/usr/local/lib/python2.7/dist-packages/hvac/v1/init.py”,第1236行,在_get返回self.request('get', url,** kwargs)文件“/usr/local/lib/python2.7/dist-packages/hvac/v1/__init.py”,第1264行,在__request allow_redirects = False,** _ kwargs)文件“/ usr / local / lib / python2.7 / dist-packages / requests / sessions.py“,第512行,请求resp = self.send(prep,** send_kwargs)文件”/usr/local/lib/python2.7/dist -packages / requests / sessions.py“,第622行,在send r = adapter.send(request,** kwargs)文件”/usr/local/lib/python2.7/dist-packages/requests/adapters.py“ ,511行,发送引发SSLError(e,request = request)requests.exceptions.SSLError:HTTPSConnectionPool( host = '10 .xx.xx.xx',port = 8200):使用url超出最大重试次数:/ v1 / auth / token / lookup-self(由SSLError引起(SSLError(“错误握手:错误([('SSL)例程','tls_process_server_certificate','证书验证失败')],)“,),))