Are you interested in our Early Access Program (EAP)? This program allows you to preview code, test in your lab and provide feedback prior to General Availability (GA) release of all Infoblox products. If so, please click the link here.

API & Integration, DevOps,NetOps,SecOps

Reply

SSLError: certificate verify failed

[ Edited ]
wrecktangle
Adviser
Posts: 51

‎04-10-2020 01:32 PM - edited ‎04-10-2020 01:36 PM

3242     0

I'm currently testing a portion of code from FHecker.  My Grid Master uses SSL auth and I don't know where/how to supply the cert/cert chain to access my Grid via Python.  I'm assuming the following error is related to this same issue...it can't find the certificate: "ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed"

 

I'm testing on a Linux workstation.  What's the best way to resolve this?

 

Code:

# Import the required Python modules.
import requests
import json
import getpass
import sys

# Set parameters to access the NIOS WAPI.
url = 'https://infoblox.foo.com/wapi/v2.9.5/'
id = 'apiuser'  # Userid with WAPI access
#valid_cert = True  # False if GM uses self-signed certificate
valid_cert = '/path/to/cert/infoblox.cer'

# Prompt for the API user password.
pw = getpass.getpass('Password for user ' + id + ': ')

# Retrieve all network views.
r = requests.get(url + 'networkview',
                 auth=(id, pw),
                 verify=valid_cert)
if r.status_code != requests.codes.ok:
    print (r.text)
    exit_msg = 'Error {} finding network views: {}'
    sys.exit(exit_msg.format(r.status_code, r.reason))
results = r.json()

# Save the authentication cookie for use in subsequent requests.
ibapauth_cookie = r.cookies['ibapauth']
print ('Authentication cookie: ', ibapauth_cookie)

# Print the names of the network views.
print ('Network views')
for result in results:
    print (result['name'])

Errors:

Traceback (most recent call last):
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 672, in urlopen
    chunked=chunked,
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 376, in _make_request
    self._validate_conn(conn)
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 994, in _validate_conn
    conn.connect()
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connection.py", line 360, in connect
    ssl_context=context,
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/util/ssl_.py", line 370, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py", line 407, in wrap_socket
    _context=self, _session=session)
  File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py", line 817, in __init__
    self.do_handshake()
  File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/opt/rh/rh-python36/root/usr/lib64/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/path/to/python/lib64/python3.6/site-packages/requests/adapters.py", line 449, in send
    timeout=timeout
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 720, in urlopen
    method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
  File "/path/to/python/lib64/python3.6/site-packages/urllib3/util/retry.py", line 436, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='infoblox.foo.com', port=443): Max retries exceeded with url: /wapi/v2.9.5/networkview (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "getviews.py", line 22, in <module>
    verify=valid_cert)
  File "/path/to/python/lib64/python3.6/site-packages/requests/api.py", line 76, in get
    return request('get', url, params=params, **kwargs)
  File "/path/to/python/lib64/python3.6/site-packages/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/path/to/python/lib64/python3.6/site-packages/requests/sessions.py", line 530, in request
    resp = self.send(prep, **send_kwargs)
  File "/path/to/python/lib64/python3.6/site-packages/requests/sessions.py", line 643, in send
    r = adapter.send(request, **kwargs)
  File "/path/to/python/lib64/python3.6/site-packages/requests/adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='infoblox.foo.com', port=443): Max retries exceeded with url: /wapi/v2.9.5/networkview (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),)) 

 

Labels:
Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Latest Annoucements

Infoblox Experts Community

You have reached the maximum number of topics allowed as a visitor. Please Login or Join the community to continue to read.

Join for free

TOPICS REMAINING

Register for unlimited browsing. Registration is FREE.

Join Community