How to resolve error SSL: CERTIFICATE_VERIFY_FAILED?

swapsplunk236
Explorer

Hello All,

Received the below error while configuring the Mimecast app for Splunk v2.

message from "python "D:\Program Files\Splunk\etc\apps\Splunk_TA_mimecast_for_splunk_v2\bin\Splunk_TA_mimecast_for_splunk_v2.py"" Unexpected error getting base url. Cannot continue.[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:595)

Appreciate any help to resolve this error.

0 Karma
1 Solution

logloganathan
Motivator

Try bypassing the proxy URL. It will work.

ctxrag
Explorer

@logloganathan can you clarify more, how to achieve this?

I am running a.py from the splunk-sdk examples and get this error:
File "C:\Python27\Lib\ssl.py", line 840, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

hortonew
Builder

I haven't used this app before, but behind the scenes it's using python requests to make web calls to something. In it, it's going to try and do certificate verification on the remote URL (verify=True by default). You have two options: 1) verify the endpoints it's hitting have valid certificates that your Splunk server trusts, or 2) modify Splunk_TA_mimecast_for_splunk_v2.py, making sure any line that says requests.post or requests.get has a parameter verify=False (e.g. line 196: r = requests.post(url='https:...', verify=False)). See: http://docs.python-requests.org/en/master/user/advanced/

marycordova
SplunkTrust

You should post the "verify=False" as an answer so it can be accepted and up-voted!

Thank you!

@marycordova
0 Karma

ctxrag
Explorer

How do I do this on windows please?

0 Karma

hortonew
Builder

Should be able to just open the python file mentioned in a text editor and save it. Then restart the Splunk service.

0 Karma

swapsplunk236
Explorer

Thank you very much. I think this too can resolve this error, but for now I have resolved it by bypassing the SSL inspection for the URL on the proxy that we use.

0 Karma

gjanders
SplunkTrust

Please answer and accept so the case can be closed 🙂

This is a very common issue. Another trick is to find the cacerts (or cacerts.pem) or similar inside the app and add your custom SSL certs into that.
However, it will be lost on the next upgrade of the application... (so proxy SSL bypass is always better!)
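
The CA-file approach mentioned in the post above, as an added example that is not part of the original thread or of the Mimecast app: it merges the certificates from an extra PEM file (such as an inspecting proxy's root CA) into a copy of an existing bundle, skipping any that are already present. The function names are hypothetical and the sample certificate bodies are constructed placeholders, not real certificates.

```python
import hashlib
import re
import ssl

# One PEM certificate block, BEGIN/END markers included (LF or CRLF endings).
PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----\s.*?-----END CERTIFICATE-----", re.DOTALL
)


def split_pem(text):
    """Return (sha256_of_der, pem_block) for every certificate block in text."""
    certs = []
    for block in PEM_BLOCK.findall(text):
        # Decodes the base64 body; raises ValueError on a malformed block.
        der = ssl.PEM_cert_to_DER_cert(block)
        certs.append((hashlib.sha256(der).hexdigest(), block.strip()))
    return certs


def merge_bundles(vendor_pem, extra_pem):
    """Append the certificates in extra_pem that vendor_pem does not contain.

    Comparison is on the DER fingerprint, so re-wrapped or CRLF copies of a
    certificate already in the bundle are not added twice.
    Returns (merged_text, fingerprints_added).
    """
    merged = split_pem(vendor_pem)
    seen = {fp for fp, _ in merged}
    added = []
    for fp, block in split_pem(extra_pem):
        if fp not in seen:
            seen.add(fp)
            merged.append((fp, block))
            added.append(fp)
    return "\n".join(block for _, block in merged) + "\n", added


if __name__ == "__main__":
    # Constructed placeholders: the bodies are short base64 strings, not real
    # certificates. In practice read the app's bundle and the proxy root CA.
    wrap = "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n"
    vendor = wrap % "QUFBQQ==" + wrap % "QkJCQg=="
    proxy_root = wrap % "QkJCQg==" + wrap % "Q0NDQw=="
    text, added = merge_bundles(vendor, proxy_root)
    print("added %d certificate(s): %s" % (len(added), added))
```

requests accepts the path of such a file as `verify=<path>` or through the `REQUESTS_CA_BUNDLE` environment variable; whether this app honours either is an assumption to check against its code.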
