- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Certificate error while integrating Sailpoint with...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Certificate error while integrating Sailpoint with Splunk
Hello Experts,
We are trying to integrate Sailpoint with Splunk. We used the required add-on and all the necessary information for API however, after putting all the required information we are getting the certificate error that stops the complete integration. Below are some of the sample error logs of Sailpoint integration.
File "/data/splunk/etc/apps/Splunk_TA_sailpoint/bin/splunk_ta_sailpoint/aob_py3/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/data/splunk/etc/apps/Splunk_TA_sailpoint/bin/splunk_ta_sailpoint/aob_py3/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/data/splunk/etc/apps/Splunk_TA_sailpoint/bin/splunk_ta_sailpoint/aob_py3/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/data/splunk/etc/apps/Splunk_TA_sailpoint/bin/splunk_ta_sailpoint/aob_py3/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='#hostname', port=8443): Max retries exceeded with url: /identityiq/oauth2/token (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1106)')))
Can someone please provide some input on the same so that we can proceed with the integration.
Thanks in advance
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SSLCertVerificationError comes up for one of the two reasons - if the certificate is not placed in right directory or if it is a self signed certificate. Please navigate to following file to add CA certs(in my case i added my full chain pem file of the server where i installed the add on) in the chain: > SPLUNK_HOME/etc/apps/Splunk_TA_sailpoint/bin/splunk_ta_sailpoint/aob_py3/certifi/cacert.pem
This issue with the self signed certificate arises due to critical security checks which are enforced by default in latest python version(3.7 +). In order to resolve this you will require CA certs in all of the environment(s) (DEV/STAGING/PROD).
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Subhashsingh ,
Could you please share the steps on how exactly you fixed the issue.
Did you import the certificate from IGA URL ?
Detecting Remote Code Executions With the Splunk Threat Research Team
Enter the Splunk Community Dashboard Challenge for Your Chance to Win!
.conf24 | Session Scheduler is Live!!
