ssl - 测试 Swish API 时 SSLError 证书验证失败

Question

我正在尝试向瑞典小额支付系统 Swish 发送测试请求。

运行下面的代码时，我收到错误“SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])”

我的 OpenSSl 版本是 1.1.1j，这意味着它支持 Swish 所需的 TLS 1.2。

我需要更改什么才能使其正常工作？

import json
from requests_pkcs12 import put

url = "https://mss.cpc.getswish.net/swish-cpcapi/api/v2/paymentrequests/F628384EC1744F9BB1F871EA67CB8BA5"
clientP12 = "Swish_Merchant_TestCertificate_1234679304.p12"
signingCert = "Swish_Merchant_TestSigningCertificate_1234679304.pem"

payload = {
    "payeePaymentReference": "4",
    "callbackUrl": "https://mysite/API/on_swish_payment_done/?payeePaymentReference=4",
    "payerAlias": "0701234567",
    "payeeAlias": "1234679304",
    "amount": "100.00",
    "currency": "SEK"
}

headers = {'content-type': 'application/json'}

r = put(url,
        data=json.dumps(payload),
        headers=headers,
        pkcs12_filename=clientP12,
        pkcs12_password='swish',
        verify=signingCert
        )

score 1 · Accepted Answer

我认为您应该使用Swish_TLS_RootCA.pemas 验证。Afaik 签名证书仅用于签署 Swish Payouts 的有效负载

ssl - 测试 Swish API 时 SSLError 证书验证失败

1 回答 1

Related

Reference