Environmernt:
Digital Ocean Droplet - Ubuntu 20.04.2 LTS.
Certbot - manage certificated on NGINX
Python:3.10 running in docker container
Nature of error:
On making any request whether I get the SSL: CERTIFICATE_VERIFY_FAILED.
But in a case where my request fails I get a proper 400 error message from the server.
Error: (In this case I'm trying to register)
Internal Server Error: /auth/register/
Traceback (most recent call last):
File "/usr/local/lib/python3.10/site-packages/django/core/handlers/exception.py", line 54, in inner
response = get_response(request)
File "/usr/local/lib/python3.10/site-packages/django/core/handlers/base.py", line 197, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python3.10/contextlib.py", line 79, in inner
return func(*args, **kwds)
File "/usr/local/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 55, in wrapper_view
return view_func(*args, **kwargs)
File "/usr/local/lib/python3.10/site-packages/django/views/generic/base.py", line 104, in view
return self.dispatch(request, *args, **kwargs)
File "/usr/local/lib/python3.10/site-packages/rest_framework/views.py", line 509, in dispatch
response = self.handle_exception(exc)
File "/usr/local/lib/python3.10/site-packages/rest_framework/views.py", line 469, in handle_exception
self.raise_uncaught_exception(exc)
File "/usr/local/lib/python3.10/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception
raise exc
File "/usr/local/lib/python3.10/site-packages/rest_framework/views.py", line 506, in dispatch
response = handler(request, *args, **kwargs)
File "/app/apps/core/views.py", line 45, in post
data = UserService.register_user(email=email, serializer=serializer)
File "/app/apps/core/services/registration.py", line 13, in register_user
MailerClass.send_email(data)
File "/app/apps/core/utils.py", line 20, in send_email
email.send()
File "/usr/local/lib/python3.10/site-packages/django/core/mail/message.py", line 298, in send
return self.get_connection(fail_silently).send_messages([self])
File "/usr/local/lib/python3.10/site-packages/django/core/mail/backends/smtp.py", line 125, in send_messages
new_conn_created = self.open()
File "/usr/local/lib/python3.10/site-packages/django/core/mail/backends/smtp.py", line 90, in open
self.connection.starttls(context=self.ssl_context)
File "/usr/local/lib/python3.10/smtplib.py", line 790, in starttls
self.sock = context.wrap_socket(self.sock,
File "/usr/local/lib/python3.10/ssl.py", line 513, in wrap_socket
return self.sslsocket_class._create(
File "/usr/local/lib/python3.10/ssl.py", line 1071, in _create
self.do_handshake()
File "/usr/local/lib/python3.10/ssl.py", line 1342, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)
Error for a failed request: (In this case I'm trying to login with a wrong email)
{
"email": [
"email does not exist"
]
}
I tried reinstalling the certificate with certbot but the issue persists.
Note: This same endpoints worked properly until i added a second domain to certbot
Can't post commentary yet so I'll just do that here, I ran into the same problem not a long time ago. If you are working in a compagny, it is possible that they are blocking it (mine was using Zscaler). You could also check for your accepted certificates on your PC.
If it is none of those, here's a link to someone who ran in almost the same issue : '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)')))
It appears that a valid certificate which should be signed from a trusted CA is missing or certificate is self-signed or signed from the CA where CA chain is not trusted. You need to add that root or self-signed certificate in the trust store of the client.
Related
I am trying to upload data to google sheet by python.
But i found that I have to use administrator to run the script.
My computer OS is Window10.
The followings are my python script.
import gspread
from google.oauth2.service_account import Credentials
scopes = ["https://www.googleapis.com/auth/spreadsheets"]
credentials = Credentials.from_service_account_file(filename='C:/Users/KCL47/Desktop/googleSheetUpdate/credentials.json', scopes=scopes)
client = gspread.authorize(credentials)
sheet = client.open_by_key("1DjCtgGxJapLNI44KMppmJZGCMjMVLgjmT__3xPdE0Sk").sheet1
sheet.clear()
sheet.append_row(values=header)
sheet.append_rows(values=records)
The file credentials.json, I follow this website to create the json file.
My Python version is 3.10.6.
Most of Library are updated to latest version.
When I use administrator to run the script, there are no any problems.
But when I use normal user to run the script.I got the following Error.
Traceback (most recent call last):
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\connectionpool.py", line 703, in urlopen
httplib_response = self._make_request(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\connectionpool.py", line 386, in _make_request
self._validate_conn(conn)
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\connectionpool.py", line 1042, in _validate_conn
conn.connect()
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\connection.py", line 414, in connect
self.sock = ssl_wrap_socket(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\util\ssl_.py", line 449, in ssl_wrap_socket
ssl_sock = _ssl_wrap_socket_impl(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\util\ssl_.py", line 493, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "C:\Python\lib\ssl.py", line 513, in wrap_socket
return self.sslsocket_class._create(
File "C:\Python\lib\ssl.py", line 1071, in _create
self.do_handshake()
File "C:\Python\lib\ssl.py", line 1342, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\requests\adapters.py", line 489, in send
resp = conn.urlopen(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\connectionpool.py", line 815, in urlopen
return self.urlopen(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\connectionpool.py", line 815, in urlopen
return self.urlopen(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\connectionpool.py", line 815, in urlopen
return self.urlopen(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\connectionpool.py", line 787, in urlopen
retries = retries.increment(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\urllib3\util\retry.py", line 592, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\google\auth\transport\requests.py", line 193, in __call__
response = self.session.request(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\requests\sessions.py", line 587, in request
resp = self.send(prep, **send_kwargs)
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\requests\sessions.py", line 701, in send
r = adapter.send(request, **kwargs)
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\requests\adapters.py", line 563, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)')))
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "C:\Users\KCL47\Desktop\googleSheetUpdate\updateGoogleSheet.py", line 58, in <module>
sheet = client.open_by_key("1VakExMG9DNG4bKaQk9_2zHCRg-cd3_V-ypdHboE1zsk").sheet1
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\gspread\client.py", line 164, in open_by_key
return Spreadsheet(self, {"id": key})
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\gspread\spreadsheet.py", line 33, in __init__
metadata = self.fetch_sheet_metadata()
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\gspread\spreadsheet.py", line 253, in fetch_sheet_metadata
r = self.client.request("get", url, params=params)
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\gspread\client.py", line 73, in request
response = getattr(self.session, method)(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\requests\sessions.py", line 600, in get
return self.request("GET", url, **kwargs)
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\google\auth\transport\requests.py", line 545, in request
self.credentials.before_request(auth_request, method, url, request_headers)
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\google\auth\credentials.py", line 133, in before_request
self.refresh(request)
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\google\oauth2\service_account.py", line 410, in refresh
access_token, expiry, _ = _client.jwt_grant(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\google\oauth2\_client.py", line 217, in jwt_grant
response_data = _token_endpoint_request(request, token_uri, body)
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\google\oauth2\_client.py", line 185, in _token_endpoint_request
response_status_ok, response_data = _token_endpoint_request_no_throw(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\google\oauth2\_client.py", line 124, in _token_endpoint_request_no_throw
response = request(
File "C:\Users\KCL47\Desktop\googleSheetUpdate\venv\lib\site-packages\google\auth\transport\requests.py", line 199, in __call__
six.raise_from(new_exc, caught_exc)
File "<string>", line 3, in raise_from
google.auth.exceptions.TransportError: HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded with url: /token (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)')))
This problem appear on sheet = client.open_by_key("1DjCtgGxJapLNI44KMppmJZGCMjMVLgjmT__3xPdE0Sk").sheet1
I have try to update certifi. But It is the latest version already.
The Python is install by administrator user.
How can I run this script without administrator in my computer?
Is it possible that the connection to google is not possible due to proxy settings?
Have you tried adding session?
Example:
import requests
from gspread import Client
session = requests.Session()
session.verify = False
gc = Client(None, session)
gspread doc example:
import json
from gspread import Client
from authlib.integrations.requests_client import AssertionSession
def create_assertion_session(conf_file, scopes, subject=None):
with open(conf_file, 'r') as f:
conf = json.load(f)
token_url = conf['token_uri']
issuer = conf['client_email']
key = conf['private_key']
key_id = conf.get('private_key_id')
header = {'alg': 'RS256'}
if key_id:
header['kid'] = key_id
# Google puts scope in payload
claims = {'scope': ' '.join(scopes)}
return AssertionSession(
grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
token_url=token_url,
issuer=issuer,
audience=token_url,
claims=claims,
subject=subject,
key=key,
header=header,
)
scopes = [
'https://www.googleapis.com/auth/spreadsheets',
'https://www.googleapis.com/auth/drive',
]
session = create_assertion_session('your-google-conf.json', scopes)
gc = Client(None, session)
wks = gc.open("Where is the money Lebowski?").sheet1
wks.update_acell('B2', "it's down there somewhere, let me take another look.")
# Fetch a cell range
cell_list = wks.range('A1:B7')
Using the Python requests library, how can I trust a server TLS certificate when this certificate mentions an issuer that I can't access (untrusted root)?
In other words, I'd like to trust the public key provided in the server certificate. I don't want to completely disable certificate validation, and ideally the solution would not prevent requests to validate other valid certificates.
Using curl and openssl, I can manage to get this result, but I am unable to reproduce this using the requests library, even using the verify parameter.
Using the URL https://untrusted-root.badssl.com, which exposes a certificate with an untrusted root:
# Certificate issuer is not trusted
$ curl https://untrusted-root.badssl.com
curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
...
# Download the server certificate locally to badsslcom.crt
$ openssl s_client -showcerts -servername untrusted-root.badssl.com -connect untrusted-root.badssl.com:443 </dev/null 2>/dev/null | openssl x509 -outform pem > badsslcom.crt
# Now, curl accepts the server certificate
$ curl --cacert badsslcom.crt https://untrusted-root.badssl.com
<!DOCTYPE html>
<html>
...
</html>
The following Python code raises an exception however:
import requests
import os
import logging
logging.basicConfig(level=logging.DEBUG)
url = "https://untrusted-root.badssl.com/"
cert = "badsslcom.crt"
if not os.path.exists(cert):
raise ValueError('Can not find cert')
r = requests.get(url, verify=cert)
The exception is
INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): untrusted-root.badssl.com
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 560, in urlopen
body=body, headers=headers)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 346, in _make_request
self._validate_conn(conn)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 787, in _validate_conn
conn.connect()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 252, in connect
ssl_version=resolved_ssl_version)
File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 305, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.5/ssl.py", line 377, in wrap_socket
_context=self)
File "/usr/lib/python3.5/ssl.py", line 752, in __init__
self.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 988, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.5/ssl.py", line 633, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 376, in send
timeout=timeout
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 589, in urlopen
raise SSLError(e)
requests.packages.urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "./test_ssl.py", line 13, in <module>
r = requests.get(url, verify=cert)
File "/usr/lib/python3/dist-packages/requests/api.py", line 67, in get
return request('get', url, params=params, **kwargs)
File "/usr/lib/python3/dist-packages/requests/api.py", line 53, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 480, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 588, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 447, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
How can I mirror the curl behaviour in Python? Adding the certificate to the Ubuntu 18.04 system store and pointing the REQUESTS_CA_BUNDLE environment variable to the system store did not help either.
I am attempting to connect to a socket using the following code
import ssl, socket
ctx = ssl.create_default_context()
s = ctx.wrap_socket(socket.socket(), server_hostname='theguardian.co.uk')
s.connect(('theguardian.co.uk', 443))
With the patch given at App Engine socket invalid argument this works on the development server perfectly. However, when deployed (to my billing-enabled app) it fails with the following error:
(<class 'ssl.SSLError'>, SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:591)'), <traceback object at 0x107bd918>)
I realise sockets are in beta on GAE - but I would have thought that if it works on the dev server (albeit with the patch) it'd work when deployed. What am I missing?
The full traceback is as follows:
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:591)
Traceback (most recent call last):
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/webapp2-2.5.1/webapp2.py", line 1536, in __call__
rv = self.handle_exception(request, response, e)
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/webapp2-2.5.1/webapp2.py", line 1530, in __call__
rv = self.router.dispatch(request, response)
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/webapp2-2.5.1/webapp2.py", line 1278, in default_dispatcher
return route.handler_adapter(request, response)
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/webapp2-2.5.1/webapp2.py", line 1102, in __call__
return handler.dispatch()
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/webapp2-2.5.1/webapp2.py", line 572, in dispatch
return self.handle_exception(e, self.app.debug)
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/webapp2-2.5.1/webapp2.py", line 570, in dispatch
return method(*args, **kwargs)
File "/base/data/home/apps/[REDACTED]/main.py", line 32, in get
s.connect(('theguardian.co.uk', 443))
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/ssl-2.7.11/ssl.py", line 839, in connect
self._real_connect(addr, False)
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/ssl-2.7.11/ssl.py", line 830, in _real_connect
self.do_handshake()
File "/base/data/home/runtimes/python27/python27_lib/versions/third_party/ssl-2.7.11/ssl.py", line 803, in do_handshake
self._sslobj.do_handshake()
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:591)
Edit
I've read the restrictions at https://cloud.google.com/appengine/docs/python/sockets/#limitations_and_restrictions and it's specified that
You cannot bind to specific IP addresses or ports
is the inclusion of port 443 the cause of this error - and if so how do I get around it considering that connect() requires it?
I need help in verifying SSL certificate within the company's firewall when trying to access the cloud hosted application https://www.quickbase.com/. The pyquickbase module works perfectly when I run the script from home. Here is my code and traceback for your reference.
### Python script to log into database
import quickbase
client = quickbase.Client(username='JohnDoe',password='OpenQB', database='qb_database',
apptoken='xxxdfdafd', base_url="https://www.quickbase.com")
response = client.list_db_pages(database='qb_database')
print(response)
###
Traceback (most recent call last):
File "D:\Users\User123\Documents\pyfund\Quickbase\QB_api_check.py", line 3, in <module>
apptoken='xxxdfdafd', base_url="https://www.quickbase.com")
File "C:\Python27\lib\site-packages\quickbase.py", line 191, in __init__
self.authenticate()
File "C:\Python27\lib\site-packages\quickbase.py", line 263, in authenticate
required=['ticket', 'userid'], ticket=False)
File "C:\Python27\lib\site-packages\quickbase.py", line 219, in request
request = requests.post(url, data, headers=headers)
File "C:\Python27\lib\site-packages\requests\api.py", line 111, in post
return request('post', url, data=data, json=json, **kwargs)
File "C:\Python27\lib\site-packages\requests\api.py", line 57, in request
return session.request(method=method, url=url, **kwargs)
File "C:\Python27\lib\site-packages\requests\sessions.py", line 475, in request
resp = self.send(prep, **send_kwargs)
File "C:\Python27\lib\site-packages\requests\sessions.py", line 585, in send
r = adapter.send(request, **kwargs)
File "C:\Python27\lib\site-packages\requests\adapters.py", line 477, in send
raise SSLError(e, request=request)
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)
Ok, I tried setting up the proxy with OS environment variable and that did not work since the requests.get required that I pass the proxy within the call. I created a proxy Dict as
proxyDict = {
"http" : http_proxy,
"https" : https_proxy,
"ftp" : ftp_proxy
}
The https one was the one that was required in order to receive SSL certificate. I will now have to modify the quickbase and pybase modules that I am using to explicitly include the proxies in the calls.
I'm trying to connect to JIRA using a Python wrapper for the Rest interface and I can't get it to work at all. I've read everything I could find so this is my last resort.
I've tried a lot of stuff including
verify=False
but nothing has worked so far.
The strange thing is that with urllib.request it does work without any SSL cert (it's just some internal cert) but the goal is to use the Python Jira wrapper so it's not really an option...
I've tried Python 3.4 and 2.7... getting desperate...
Any ideas?
The code is very simple:
import requests
r = requests.get('https://jiratest.myurl.com/rest/api/2/serverInfo')
print(r.content)
Error:
C:\Python34\python.exe C:/projects/jirascriptsx/delete_worklogs.py
Traceback (most recent call last):
File "C:\Python34\lib\site-packages\requests\packages\urllib3\connectionpool.py", line 544, in urlopen
body=body, headers=headers)
File "C:\Python34\lib\site-packages\requests\packages\urllib3\connectionpool.py", line 341, in _make_request
self._validate_conn(conn)
File "C:\Python34\lib\site-packages\requests\packages\urllib3\connectionpool.py", line 761, in _validate_conn
conn.connect()
File "C:\Python34\lib\site-packages\requests\packages\urllib3\connection.py", line 238, in connect
ssl_version=resolved_ssl_version)
File "C:\Python34\lib\site-packages\requests\packages\urllib3\util\ssl_.py", line 279, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "C:\Python34\lib\ssl.py", line 365, in wrap_socket
_context=self)
File "C:\Python34\lib\ssl.py", line 583, in __init__
self.do_handshake()
File "C:\Python34\lib\ssl.py", line 810, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Python34\lib\site-packages\requests\adapters.py", line 370, in send
timeout=timeout
File "C:\Python34\lib\site-packages\requests\packages\urllib3\connectionpool.py", line 574, in urlopen
raise SSLError(e)
requests.packages.urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:/projects/jirascriptsx/delete_worklogs.py", line 4, in <module>
r = requests.get('https://jiratest.uniqa.at/rest/api/2/serverInfo')
File "C:\Python34\lib\site-packages\requests\api.py", line 69, in get
return request('get', url, params=params, **kwargs)
File "C:\Python34\lib\site-packages\requests\api.py", line 50, in request
response = session.request(method=method, url=url, **kwargs)
File "C:\Python34\lib\site-packages\requests\sessions.py", line 465, in request
resp = self.send(prep, **send_kwargs)
File "C:\Python34\lib\site-packages\requests\sessions.py", line 573, in send
r = adapter.send(request, **kwargs)
File "C:\Python34\lib\site-packages\requests\adapters.py", line 431, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)
Process finished with exit code 1
There is a problem with our infrastructure which seems to bring out a bug in the requests module where the SSL verification ignore flag doesn't work properly.
None of the solutions offered in any of the Stackoverflow posts worked.
As a workaround I'm running the code directly on the server.
If you have certificate file(Certificate.pem) and key file(Key.pem) then we can authenticate like this
cert=/path/to/certificate_file
key_file=/path/to/key_file
url=https://jiratest.myurl.com/rest/api/2/serverInfo
with requests.session() as session:
session.cert=(cert,key_file)
session.auth=(username,base64.urlsafe_b64decode(password))
response=session.get(url)
if response.status_code == 200:
json_data = response.json()