m-click
SSLV3_ALERT_HANDSHAKE_FAILURE
Hi, I'm getting a SSLV3_ALERT_HANDSHAKE_FAILURE when trying to use my pfx certificate and make a request to a site. I tried a couple of ssl_protocol without success.
This is my code:
def download_a_file(date: pendulum.DateTime):
# URL to download the PDF file.
url = f"https://fakesite.com/portalDownload/invoices/file?date={date.format("YYYYMMDD")}&format=pdf"
pfx_path = "C:/mycertificate.pfx"
pfx_password = "FakePass123"
with Session() as s:
s.mount(
"https://fakesite.com",
Pkcs12Adapter(pkcs12_filename=pfx_path, pkcs12_password=pfx_password),
)
response = s.get(url)
if response.status_code == 200:
context.log.info("Successfully downloaded the PDF file.")
return response.content
else:
context.log.error("Failed to download the PDF file.")
requests.exceptions.SSLError: HTTPSConnectionPool(host='fakesite.com', port=443): Max retries exceeded with url: /marketportal/ (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1000)')))
I'm on Windows 11, python 3.12 using requests_pkcs12 version 1.25.
Using my certificate in Chrome, Edge or Firefox is working when login in the site.
This is what I'm getting from Chrome Developer Tools->Security tab.
Am I doing something wrong?
Thank you,
Still searching for a fix. I think it's probably related to this requests issue https://github.com/psf/requests/issues/6715#issuecomment-2137782.
Up to Python 3.11 I can't see any issues, either. I'll test with Python 3.12 later.
Hi, I was able to finally make-it work but with another package, httpx, setting the ssl context this way:
ssl_context = ssl.create_default_context()
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
ssl_context.set_ciphers('DEFAULT@SECLEVEL=2')
async with httpx.AsyncClient(verify=ssl_context, http2=True) as client:
https://github.com/encode/httpx/issues/3475#issuecomment-2661550354
Maybe it can help to find a solution for request_pkcs12 package.