Python2.7下[SSL: TLSV1_ALERT_PROTOCOL_VERSION]套接字错误求助
Hey there, I’ve battled this exact TLS version error in Python 2.7 dozens of times—especially since most modern servers have dropped support for the old TLS protocols Python 2.7 uses by default. Let’s walk through the most reliable fixes that work when basic troubleshooting falls flat:
1. Update Dependencies & Force TLS 1.2 in Requests
First, make sure you’re using the latest compatible versions of requests and urllib3 for Python 2.7 (these are the last releases that officially support 2.7):
pip install requests==2.27.1 urllib3==1.26.15
Then, modify your requests calls to explicitly enforce TLS 1.2. Add this snippet before making requests:
import requests from requests.adapters import HTTPAdapter from urllib3.poolmanager import PoolManager import ssl class TLS12Adapter(HTTPAdapter): def init_poolmanager(self, *args, **kwargs): ctx = ssl.create_default_context() ctx.set_ciphers('DEFAULT@SECLEVEL=1') ctx.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1 kwargs['ssl_context'] = ctx return super(TLS12Adapter, self).init_poolmanager(*args, **kwargs) # Apply the adapter to your requests session session = requests.Session() session.mount('https://', TLS12Adapter()) # Now make your request as usual response = session.get('https://your-target-url.com')
This adapter forces the session to use only TLS 1.2, which is still widely supported by most servers.
2. Manually Configure SSL Context for urllib2
If you’re using Python’s native urllib2 instead of requests, you can create a custom SSL context and pass it to your opener:
import urllib2 import ssl # Create a context that uses TLS 1.2 and relaxes security level (needed for some strict servers) ctx = ssl.create_default_context() ctx.set_ciphers('DEFAULT@SECLEVEL=1') ctx.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1 # Build an opener with the custom context opener = urllib2.build_opener(urllib2.HTTPSHandler(context=ctx)) urllib2.install_opener(opener) # Make your request response = urllib2.urlopen('https://your-target-url.com')
3. Upgrade System SSL Library (Linux/macOS)
Python 2.7 relies on your system’s OpenSSL library. If your system has an outdated OpenSSL version (older than 1.0.2), it won’t support TLS 1.2. Here’s how to fix it:
- Linux (Debian/Ubuntu):
sudo apt-get update && sudo apt-get install openssl libssl-dev # If needed, recompile Python 2.7 to link against the new OpenSSL: # Download Python 2.7 source, then run ./configure --with-ssl && make && sudo make install - macOS:
Use Homebrew to install a modern OpenSSL version, then set environment variables to let Python use it:brew install openssl@1.1 export LDFLAGS="-L/usr/local/opt/openssl@1.1/lib" export CPPFLAGS="-I/usr/local/opt/openssl@1.1/include" # Recompile Python 2.7 with these variables set if your existing Python doesn't pick up the new library
4. Use pyopenssl for Enhanced SSL Support
If the above fixes still don’t work, install pyopenssl to replace Python’s default SSL implementation with a more modern one:
pip install pyopenssl ndg-httpsclient pyasn1
Once installed, many libraries (including requests) will automatically use this enhanced SSL layer, which supports modern TLS versions out of the box.
A quick heads-up: Python 2.7 is end-of-life, so these are temporary workarounds. Long-term, migrating to Python 3.x is the best solution—but I get it, sometimes legacy systems leave you no choice.
内容的提问来源于stack exchange,提问作者Vibhor Agarwal
