Ubuntu ARM版本如何运行openconnect-sso?
前言
- 操作系统:Ubuntu 22.04 ARM64
1. 安装openconnect-sso
先安装anaconda或者miniconda,然后运行如下命令
conda install -c conda-forge openconnect-sso
2. 解决openssl的bug
安装好后照理来说直接运行下面的命令就可以了
openconnect-sso --log-level DEBUG -s ngvpn30.vpn.nvidia.com -g SAML -u username@nvidia.com --browser-display-mode shown
但是我遇到了如下报错信息:
Traceback (most recent call last):
File "/home/parallels/miniconda3/lib/python3.9/site-packages/urllib3/connectionpool.py", line 703, in urlopen
httplib_response = self._make_request(
File "/home/parallels/miniconda3/lib/python3.9/site-packages/urllib3/connectionpool.py", line 386, in _make_request
self._validate_conn(conn)
File "/home/parallels/miniconda3/lib/python3.9/site-packages/urllib3/connectionpool.py", line 1042, in _validate_conn
conn.connect()
File "/home/parallels/miniconda3/lib/python3.9/site-packages/urllib3/connection.py", line 414, in connect
self.sock = ssl_wrap_socket(
File "/home/parallels/miniconda3/lib/python3.9/site-packages/urllib3/util/ssl_.py", line 449, in ssl_wrap_socket
ssl_sock = _ssl_wrap_socket_impl(
File "/home/parallels/miniconda3/lib/python3.9/site-packages/urllib3/util/ssl_.py", line 493, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "/home/parallels/miniconda3/lib/python3.9/ssl.py", line 501, in wrap_socket
return self.sslsocket_class._create(
File "/home/parallels/miniconda3/lib/python3.9/ssl.py", line 1041, in _create
self.do_handshake()
File "/home/parallels/miniconda3/lib/python3.9/ssl.py", line 1310, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED] unsafe legacy renegotiation disabled (_ssl.c:1129)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/parallels/miniconda3/lib/python3.9/site-packages/requests/adapters.py", line 489, in send
resp = conn.urlopen(
File "/home/parallels/miniconda3/lib/python3.9/site-packages/urllib3/connectionpool.py", line 787, in urlopen
retries = retries.increment(
File "/home/parallels/miniconda3/lib/python3.9/site-packages/urllib3/util/retry.py", line 592, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='ngvpn30.vpn.nvidia.com', port=443): Max retries exceeded with url: /SAML (Caused by SSLError(SSLError(1, '[SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED] unsafe legacy renegotiation disabled (_ssl.c:1129)')))
解决办法如下:
- 新建一个
openssl.cnf文件,可以放在任意位置,假如是/home/Desktop/openssl.cnf,文件里面需要做如下设置
openssl_conf = openssl_init
[openssl_init]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
Options = UnsafeLegacyRenegotiation
- 重新运行
OPENSSL_CONF=/home/Desktop/openssl.cnf openconnect-sso --log-level DEBUG -s ngvpn30.vpn.nvidia.com -g SAML -u username@nvidia.com --browser-display-mode shown
