Are you interested in our Early Access Program (EAP)? This program allows you to preview code, test in your lab and provide feedback prior to General Availability (GA) release of all Infoblox products. If so, please click the link here.

API & Integration, DevOps,NetOps,SecOps

Reply

SSLError: certificate verify failed

[ Edited ]
Adviser
Posts: 51
2984     0

I'm currently testing a portion of code from FHecker.  My Grid Master uses SSL auth and I don't know where/how to supply the cert/cert chain to access my Grid via Python.  I'm assuming the following error is related to this same issue...it can't find the certificate: "ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed"

 

I'm testing on a Linux workstation.  What's the best way to resolve this?

 

Code:

# Import the required Python modules.
import requests
import json
import getpass
import sys

# Set parameters to access the NIOS WAPI.
url = 'https://infoblox.foo.com/wapi/v2.9.5/'
id = 'apiuser'  # Userid with WAPI access
#valid_cert = True  # False if GM uses self-signed certificate
valid_cert = '/path/to/cert/infoblox.cer'

# Prompt for the API user password.
pw = getpass.getpass('Password for user ' + id + ': ')

# Retrieve all network views.
r = requests.get(url + 'networkview',
                 auth=(id, pw),
                 verify=valid_cert)
if r.status_code != requests.codes.ok:
    print (r.text)
    exit_msg = 'Error {} finding network views: {}'
    sys.exit(exit_msg.format(r.status_code, r.reason))
results = r.json()

# Save the authentication cookie for use in subsequent requests.
ibapauth_cookie = r.cookies['ibapauth']
print ('Authentication cookie: ', ibapauth_cookie)

# Print the names of the network views.
print ('Network views')
for result in results:
    print (result['name'])

Errors:

Traceback (most recent call last):
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 672, in urlopen
    chunked=chunked,
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 376, in _make_request
    self._validate_conn(conn)
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 994, in _validate_conn
    conn.connect()
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connection.py", line 360, in connect
    ssl_context=context,
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/util/ssl_.py", line 370, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py", line 407, in wrap_socket
    _context=self, _session=session)
  File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py", line 817, in __init__
    self.do_handshake()
  File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/path/to/python/lib64/python3.6/site-packages/requests/adapters.py", line 449, in send
    timeout=timeout
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 720, in urlopen
    method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/util/retry.py", line 436, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='infoblox.foo.com', port=443): Max retries exceeded with url: /wapi/v2.9.5/networkview (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "getviews.py", line 22, in <module>
    verify=valid_cert)
  File "/path/to/python/lib64/python3.6/site-packages/requests/api.py", line 76, in get
    return request('get', url, params=params, **kwargs)
  File "/path/to/python/lib64/python3.6/site-packages/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/path/to/python/lib64/python3.6/site-packages/requests/sessions.py", line 530, in request
    resp = self.send(prep, **send_kwargs)
  File "/path/to/python/lib64/python3.6/site-packages/requests/sessions.py", line 643, in send
    r = adapter.send(request, **kwargs)
  File "/path/to/python/lib64/python3.6/site-packages/requests/adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='infoblox.foo.com', port=443): Max retries exceeded with url: /wapi/v2.9.5/networkview (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),)) 

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You