Docs
中文
Start typing to search…

FAQ

Private Key Format Issues

ValueError: Unable to read this file, version 136 != 0

Error Message

rsa/key.py:492 _load_pkcs1_der
ValueError: Unable to read this file, version 136 != 0

Cause Incorrect private key format.

Solution

  1. Go to the Developer Portal and re-copy the private key in PKCS#1 format.

How to Distinguish Private Key Formats

FormatFile Header
PKCS#1 (used by Python)-----BEGIN RSA PRIVATE KEY-----
PKCS#8 (used by Java/C++)-----BEGIN PRIVATE KEY-----

Could not deserialize key data

Error Message

ValueError: ('Could not deserialize key data. The data may be in an incorrect format,
it may be encrypted with an unsupported algorithm, or it may be an unsupported key type
(e.g. EC curves with explicit parameters).', [<OpenSSLError(...)>])

Cause

Compatibility issue with the cryptography library version. Newer versions (e.g. 45.x) may be incompatible with the current SDK.

Solution

Downgrade the cryptography library version:

pip install cryptography==42.0.8

request sign failed. int() argument must be a string

Error Message

TypeError: int() argument must be a string, a bytes-like object or a number, not 'Sequence'

Cause

Incorrect key format. The key may have been generated by an incompatible tool, or the key content was not fully copied.

Solution

  1. Regenerate the key on the Developer Portal.

Signature Verification Failure

failed to verify signature / sign check error

Error Message

ApiException: code=1000 msg=common param error(failed to verify signature,
please make sure you use the correct rsa private key, if you use python sdk,
the private key is in pkcs#1 format)

or

ApiException: code=1000 msg=common param error(sign check error)

Possible Causes

  1. The private key is not in PKCS#1 format (most common cause)
  2. The private key does not match the public key on the developer dashboard (e.g. the key was reset in the Institution Center but not updated locally)
  3. The key was generated by an incompatible tool
  4. System environment issue (signing behavior may be abnormal in certain environments)

Troubleshooting Steps

  1. Confirm you are using a PKCS#1 format private key (starts with BEGIN RSA PRIVATE KEY)
  2. Regenerate the key pair on the Developer Portal, download the new private key and upload the new public key
  3. If the issue resolves after switching machines, it is a system environment issue
  4. Try using an online tool to regenerate the key pair

public key error

Error Message

{"code":1000,"message":"common param error(public key error)","timestamp":1574386825800}

Cause

The tiger_id was not correctly sent to the server.

Troubleshooting Steps

  1. Confirm that client_config.tiger_id is set correctly
  2. If not using the SDK, check that the request is being sent to the correct address (do not send to the sandbox address)
  3. If using a configuration file, confirm that the tiger_id field in tiger_openapi_config.properties has the correct value

SSL / Certificate Issues

SSL: CERTIFICATE_VERIFY_FAILED

Error Message

[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed:
self signed certificate in certificate chain (_ssl.c:1056)

or

response sign verify failed. Verification Failed

Possible Causes

  1. Your own generated public key was incorrectly set as tiger_public_key (the server public key used internally by the SDK), causing response signature verification to fail
  2. System SSL certificates are expired or missing
  3. The Python installation does not include root certificates

Solution

Method 1: Confirm that tiger_public_key is not manually set. This field is managed internally by the SDK and should not be modified by the user.

Method 2 (Mac): If Python was installed via the installer package, navigate to the Applications/Python x.x/ directory and double-click Install Certificates.command to run it (most common solution).

Method 3: Install the certificate library

pip install certifi

If the issue persists:

pip install pip-system-certs

Method 4 (temporary workaround, not recommended for production):

import ssl
ssl._create_default_https_context = ssl._create_unverified_context
⚠️

Method 4 skips SSL certificate verification, which poses a security risk. It is only recommended for temporary use during debugging.

unable to get local issuer certificate

Error Message

unable to get local issuer certificate

Solution

pip install certifi

or

pip install pip-system-certs

Mac users can also try running Applications/Python x.x/Install Certificates.command.

module 'http.client' has no attribute 'HTTPConnection'

Error Message

attributeError: module 'http.client' has no attribute 'HTTPConnection'

Cause

OpenSSL is not installed on the system, or Python was compiled without linking to OpenSSL.

Solution

  1. Verify that OpenSSL is installed on the system: 
    python -c "import ssl; print(ssl.OPENSSL_VERSION)"
  2. If this throws an error, reinstall Python and ensure it is linked with OpenSSL.

Connection and Push Issues

ConnectFailedException (Long Connection Failure)

Error Message

stomp.exception.ConnectFailedException

Possible Causes

  1. Temporary server-side failure
  2. Network is unreachable or blocked by a firewall
  3. SSL configuration issue

Troubleshooting Steps

  1. Check network connectivity
  2. Confirm that the use_ssl parameter of PushClient is not set to False (default is True)
  3. Retry later. If the failure persists, contact technical support

Unknown response frame type

Error Message

Unknown response frame type: '' (frame length was 3)

Cause

The use_ssl parameter of PushClient was set to False, causing a communication protocol mismatch.

Solution

Ensure SSL connection is used (the default behavior). Do not set use_ssl=False.

OSError: [WinError 10038] An operation was attempted on something that is not a socket

Error Message

OSError: [WinError 10038] An operation was attempted on something that is not a socket.

Cause

A send operation (e.g. query_subscribed_quote) was called before the long connection reconnection was completed.

Solution

Before calling push-related methods, confirm that the connection has been successfully established. You can verify the connection status via the on_connected callback, or add a connection status check before calling:

if push_client.is_connected():
    push_client.query_subscribed_quote()

Quote Unsubscription Not Taking Effect

Error Message

According to your user level, you can only unsubscribe after 1 minute of last subscription

Cause

You must wait at least 1 minute after subscribing before you can unsubscribe.

Solution

Wait 1 minute after the last subscription operation before performing the unsubscription.

Account and Permission Issues

account is not authorized to the api user

Cause

The account value is incorrect, or the client_config is not properly configured.

Troubleshooting Steps

  1. Confirm that client_config.account is set correctly
  2. Verify the account format: a consolidated account is a 5-10 digit number, a global account starts with U, and a paper/simulated account is a 17-digit number
  3. If both standard_account and paper_account are set, confirm that the account field is also set

unauthorized: Please login in (code=1200)

Error Message

ApiException: code=1200 msg=standard account response error(unauthorized:Please login in)

Possible Causes

  1. tiger_id and account do not match
  2. Institutional users: the user has not been registered in the API permissions on the backend

Solution

  1. Confirm that tiger_id and account belong to the same developer account
  2. Institutional users: contact the administrator to add the user in the API permissions section of the Institution Center

Windows Common Issues

OSError: [Errno 22] Invalid argument (Path Error)

Error Message

OSError: [Errno 22] Invalid argument: 'D:\\Program Files\\OpenSSL...'

or

request sign failed. Short octet stream on tag decoding

Cause

On Windows, the backslash \ in file paths is interpreted as an escape character.

Solution

Add an r prefix to the path string to use a raw string:

client_config.private_key = read_private_key(r'C:\Users\Foo\Desktop\rsa_private_key.pem')

Or use forward slashes:

client_config.private_key = read_private_key('C:/Users/Foo/Desktop/rsa_private_key.pem')

Data Display Issues

Output Shows [5 rows x 9 columns], Cannot See Full Data

Symptom

After calling an API that returns a DataFrame, the print output is truncated, showing only something like:

[5 rows x 9 columns]

Cause

pandas truncates the display of columns, rows, and width by default.

Solution

Add pandas display settings at the beginning of your code:

import pandas as pd
pd.set_option('display.max_columns', 500)
pd.set_option('display.max_rows', 5000)
pd.set_option('display.width', 5000)

Appendix: Key Format Conversion

If you need to convert between PKCS#1 and PKCS#8 formats, you can use the OpenSSL command-line tool:

Generate a PKCS#1 Private Key

openssl genrsa -out private_pkcs1.pem 1024

Convert PKCS#1 to PKCS#8

openssl pkcs8 -topk8 -inform PEM -in private_pkcs1.pem -outform pem -nocrypt -out private_pkcs8.pem

Convert PKCS#8 to PKCS#1

openssl rsa -in private_pkcs8.pem -out private_pkcs1.pem

Export Public Key from Private Key

openssl rsa -in private_pkcs1.pem -pubout -out public_key.pem

Updated 1 day ago