问题
I receive runtime errors like this when making Stripe calls such as stripe.Customer.create(email = email)
APIError: Stripe no longer supports API requests made with TLS 1.0.
Please initiate HTTPS connections with TLS 1.2 or later.
You can learn more about this at https://stripe.com/blog/upgrading-tls.
This error shows up only on the local development server, but not on production. I have of course upgraded my stripe library like this:
pip install -t lib --upgrade stripe==1.19.1
To eliminate the possibility of this being an issue with pip upgrade, I have also tried removing the old lib/stripe directory and it's dependencies, followed by a fresh install. But that does not make a difference.
回答1:
Does your appengine_config.py have this in it yet?
import os
from google.appengine.ext import vendor
from google.appengine.ext.appstats import recording
appstats_CALC_RPC_COSTS = True
# Add any libraries installed in the "lib" folder.
vendor.add('lib')
def webapp_add_wsgi_middleware(app):
app = recording.appstats_wsgi_middleware(app)
return app
# if on localhost
if os.environ.get('SERVER_SOFTWARE', '').startswith('Development'):
import imp
import os.path
import inspect
from google.appengine.tools.devappserver2.python import sandbox
sandbox._WHITE_LIST_C_MODULES += ['_ssl', '_socket']
# Use the system socket.
real_os_src_path = os.path.realpath(inspect.getsourcefile(os))
psocket = os.path.join(os.path.dirname(real_os_src_path), 'socket.py')
imp.load_source('socket', psocket)
else:
# Doing this on dev_appserver/localhost seems to cause outbound https requests to fail
from lib import requests
from lib.requests_toolbelt.adapters import appengine as requests_toolbelt_appengine
# Use the App Engine Requests adapter. This makes sure that Requests uses
# URLFetch.
requests_toolbelt_appengine.monkeypatch()
I copied my whole file because I'm not sure which parts you already have, but the key part is that final if-else. I went through a whole mess of trouble getting TLS 1.2 working on prod, which primarily came down to specifying version 2.7.11 for App Engine's special ssl library & requests_toolbelt_appengine.monkeypatch().
Like you this broke ssl on localhost for me, so now I only do requests_toolbelt_appengine.monkeypatch() on prod, and on localhost I do that 'white-listing the native sockets library' trick you've probably seen. Part of this comes down what combination of versions of things you're using. Hopefully this helps.
Notable items from my app.yaml:
env_variables:
theme: 'default'
GAE_USE_SOCKETS_HTTPLIB : 'true' # TLS 1.2
libraries:
- name: jinja2
version: "2.6"
- name: webapp2
version: "2.5.2"
- name: markupsafe
version: "0.15"
- name: ssl
version: "2.7.11" # TLS 1.2
- name: pycrypto
version: "2.6"
- name: lxml
version: latest
Also I'm using python-requests 2.18.2
EDIT:
In my ~/.bash_profile, google cloud sdk was added to my path:
export PATH="/Users/alex/google-cloud-sdk/platform/google_appengine/:$PATH".
If I go to that folder, I can follow the imports for from google.appengine.tools.devappserver2.python import sandbox all the way through. (screenshot included below)
来源:https://stackoverflow.com/questions/46799365/error-with-stripe-calls-on-google-app-engine-even-after-upgrading-to-latest