- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Re: Why am I getting "CERTIFICATE_VERIFY_FAILED" u...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why am I getting "CERTIFICATE_VERIFY_FAILED" using splunk-sdk with python on Windows?
File "C:\Python27\Lib\ssl.py", line 840, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)
Team,
Any hint as I am badly blocked and this is windows, not Linux.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
here is the complete error trace from pycharm on windows:
C:\Python27\python.exe C:/Development/Automation/splunk-sdk-python/examples/abc/a.py
Traceback (most recent call last):
File "C:/Development/Automation/splunk-sdk-python/examples/abc/a.py", line 43, in
connection.request("POST", "/services/auth/login", body, headers)
File "C:\Python27\lib\httplib.py", line 1042, in request
self.send_request(method, url, body, headers)
File "C:\Python27\lib\httplib.py", line 1082, in _send_request
self.endheaders(body)
File "C:\Python27\lib\httplib.py", line 1038, in endheaders
self._send_output(message_body)
File "C:\Python27\lib\httplib.py", line 882, in _send_output
self.send(msg)
File "C:\Python27\lib\httplib.py", line 844, in send
self.connect()
File "C:\Python27\lib\httplib.py", line 1263, in connect
server_hostname=server_hostname)
File "C:\Python27\lib\ssl.py", line 363, in wrap_socket
_context=self)
File "C:\Python27\lib\ssl.py", line 611, in __init_
self.do_handshake()
File "C:\Python27\lib\ssl.py", line 840, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)
Process finished with exit code 1
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
On Windows, Python does not look at the system certificate, it uses its own located at ?\lib\site-packages\certifi\cacert.pem.
The solution to your problem:
- download the domain validation certificate as *.crt or *pem file
- open the file in editor and copy it's content to clipboard
- find your cacert.pem location: from requests.utils import DEFAULT_CA_BUNDLE_PATH; print(DEFAULT_CA_BUNDLE_PATH)
- edit the cacert.pem file and paste your domain validation certificate at the end of the file.
- Save the file and enjoy requests!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks so much..
I found the ca cert under below using
from requests.utils import DEFAULT_CA_BUNDLE_PATH
print(DEFAULT_CA_BUNDLE_PATH)
C:\Users\ahmeduddinm.CITRITE\AppData\Roaming\Python\Python27\site-packages\certifi\cacert.pem
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ok, figured out that ur splunk instance was using private CA. However, i disabled the SSL Cert verify in ssl.py of python 27.14.
But still getting this error: Any hint what this indicates?
C:\Python27\python.exe C:/Development/Automation/splunk-sdk-python/examples/abc/a.py
Traceback (most recent call last):
File "C:/Development/Automation/splunk-sdk-python/examples/abc/a.py", line 43, in
connection.request("POST", "/services/auth/login", body, headers)
File "C:\Python27\lib\httplib.py", line 1042, in request
self._send_request(method, url, body, headers)
File "C:\Python27\lib\httplib.py", line 1082, in _send_request
self.endheaders(body)
File "C:\Python27\lib\httplib.py", line 1038, in endheaders
self._send_output(message_body)
File "C:\Python27\lib\httplib.py", line 882, in _send_output
self.send(msg)
File "C:\Python27\lib\httplib.py", line 844, in send
self.connect()
File "C:\Python27\lib\httplib.py", line 1255, in connect
HTTPConnection.connect(self)
File "C:\Python27\lib\httplib.py", line 821, in connect
self.timeout, self.source_address)
File "C:\Python27\lib\socket.py", line 575, in create_connection
raise err
socket.error: [Errno 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the server is using a private CA and not a public one. so, how can i get that ca cert? or atleast how can i disable the ssl cert validation?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I did paste the root and intermediate and still no luck. same error. I even started the pycharm and ie and command prompts again. Also, added the certs to IE Store.
More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk
.conf24 | Personalize your .conf experience with Learning Paths!
Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...
