SSL: DH_KEY_TOO_SMALL, Requests > 2.31.0 #6827
Labels
Comments
snooppr
added
actions/autoclose-qa
|
As described in the template, we won't be able to answer questions on this issue tracker. Please use Stack Overflow |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
How to make requests to problematic sites (on old versions disabling shfires helped)?
import requests, urllib3print(f"requests={requests.__version__}, urllib3={urllib3.__version__}")requests=2.32.3, urllib3=1.26.18 (This version of Urllib3 still supports custom cipher selection.)
requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS += ':HIGH:!DH:!aNULL'Error:
print(requests.get("https://nhl.ru"))SSLError(SSLError(1, '[SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:1125)')))
python -m pip install requests==2.31.0import requests, urllib3
print(f"requests={requests.__version__}, urllib3={urllib3.__version__}")requests=2.31.0, urllib3=1.26.18
requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS += ':HIGH:!DH:!aNULL'Good:
print(requests.get("https://nhl.ru"))<Response [404]>
The latest version that works with the cipher changes Requests=2.31.0 and urllib3=1.26.18.
If you update, requests are bad: ('SSL: DH_KEY_TOO_SMALL')
Is there a way to make successful requests to old sites by playing with SSL (at the Python level, not the OS?).
For example:
Good:
curl -vLk "http://nhl.ru/" --ciphers 'DEFAULT:!DH'The text was updated successfully, but these errors were encountered: