Dan*_*l F 11 python ssl alpine-linux
我有这个小Dockerfile
FROM alpine:3.3
RUN apk --update add python
CMD ["python", "-c", "import urllib2; response = urllib2.urlopen('https://www.python.org')"]
构建它docker build -t alpine-py/01 .然后运行它docker run -it --rm alpine-py/01会创建以下输出
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python2.7/urllib2.py", line 431, in open
response = self._open(req, data)
File "/usr/lib/python2.7/urllib2.py", line 449, in _open
'_open', req)
File "/usr/lib/python2.7/urllib2.py", line 409, in _call_chain
result = func(*args)
File "/usr/lib/python2.7/urllib2.py", line 1240, in https_open
context=self._context)
File "/usr/lib/python2.7/urllib2.py", line 1197, in do_open
raise URLError(err)
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)>
昨天我被最近的OpenSSL 1.0.2g版本所咬,导致py-cryptograpy无法编译.幸运的是,py-cryptography几个小时后,这些人在PyPI上发布了一个新版本.问题是OpenSSL中的一个函数获得了一个新的签名.
这可能是相关的还是我错过了什么?
And*_*inn 11
您需要安装ca-certificates才能验证公共CA的签名证书:
FROM alpine:3.3
RUN apk --no-cache add python ca-certificates
CMD ["python", "-c", "import urllib2; response = urllib2.urlopen('https://www.python.org')"]
| 归档时间: |
|
| 查看次数: |
3667 次 |
| 最近记录: |