Capturing encrypted HTTPS web traffic in Python by using Fiddler can be challenging because Python uses its own trusted certificate store instead of the operating system certificate store. Additionally, by default, Python doesn't use a proxy in certain scenarios. This article explains how to capture SSL traffic by using the Fiddler for Python app in different scenarios.
ADAL for Python
When you use Fiddler to capture HTTPS traffic in a Python app that integrates Azure Active Directory Authentication Library (ADAL), you might receive SSL error messages. This issue occurs because Python doesn't trust the Fiddler certificate. You can use either of two methods to work around this issue.
비고
Disabling SSL verification presents a security risk. You should use this method only to troubleshoot. You should not use it in production environments.
Set an environment variable at the beginning of your Python app before the
AuthenticationContextobject is initialized:import os ... os.environ["ADAL_PYTHON_SSL_NO_VERIFY"] = "1"Pass the
verify_ssl=Falseflag to the AuthenticationContext method:context = adal.AuthenticationContext(authority, verify_ssl=False)
MSAL for Python
When you use the Microsoft Authentication Library (MSAL) for Python, you can disable SSL verification as follows:
app = msal.PublicClientApplication( client_id=appId, authority="https://login.microsoftonline.com/" + tenantId, verify=False )
Python Requests module
By default, the Requests module doesn't use a proxy. You must force the request to go through the Fiddler proxy, per the following example:
import requests
…
access_token = token.get('accessToken')
endpoint = "api_endpoint"
headers = {"Authorization": "Bearer " + access_token}
json_output = requests.get(
endpoint,
headers=headers,
proxies={"http": "http://127.0.0.1:8888", "https": "http://127.0.0.1:8888"},
verify=False
).json()
Azure Active Directory SDK for Python (GraphRbacManagementClient)
The following example shows how to disable SSL verification:
from azure.graphrbac import GraphRbacManagementClient
from azure.common.credentials import UserPassCredentials
credentials = UserPassCredentials(
<username>, # Your user name
<password>, # Your password
resource=”https://graph.windows.net”,
verify=False
)
tenant_id = <tenant name or tenant id>
graphrbac_client = GraphRbacManagementClient(credentials, tenant_id)
graphrbac_client.config.connection.verify=False
res = graphrbac_client.users.get(<UPN or ObjectID>)
print(res.display_name)
타사 정보 고지 사항
이 문서에서 설명하는 타사 제품은 Microsoft와 독립적인 회사에서 제조합니다. Microsoft는 이들 제품의 성능이나 안정성에 관하여 명시적이든 묵시적이든 어떠한 보증도 하지 않습니다.
도움을 요청하십시오.
질문이 있거나 도움이 필요한 경우 지원 요청을 생성하거나Azure 커뮤니티 지원에 문의하세요. Azure 피드백 커뮤니티에 제품 피드백을 제출할 수도 있습니다.