Unsolved
3 Apprentice
•
318 Posts
0
642
February 20th, 2023 13:00
unsigned certificate error when trying to connect to REST API using example
Example being used is https://github.com/Isilon/isilon_sdk_python/blob/Isilon_SDK_v0.2.12/isi_sdk_9_1_0/docs/ProtocolsApi.md#list_nfs_exports
I get a deny with error
2023-02-20 21:33:42,692 WARNING Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)'),)': /session/1/session
2023-02-20 21:33:42,707 WARNING Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)'),)': /session/1/session
2023-02-20 21:33:42,717 WARNING Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)'),)': /session/1/session
after the 3 timeouts it fails with a Traceback
File "/usr/lib/python2.7/site-packages/urllib3/request.py", line 150, in request_encode_body
return self.urlopen(method, url, **extra_kw)
File "/usr/lib/python2.7/site-packages/urllib3/poolmanager.py", line 323, in urlopen
response = conn.urlopen(method, u.request_uri, **kw)
File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 667, in urlopen
**response_kw)
File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 667, in urlopen
**response_kw)
File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 667, in urlopen
**response_kw)
File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 638, in urlopen
_stacktrace=sys.exc_info()[2])
File "/usr/lib/python2.7/site-packages/urllib3/util/retry.py", line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
there appear to be two solutions;
1. kind of a cheat - make it a trusted connection
2. Create a valid self signed certificate on the isilon
Either one works - any thoughts ?
dynamox
9 Legend
•
20.4K Posts
0
February 24th, 2023 22:00
I cheat, tell the python request module to not validate SSL certificate.
access_zones = requests.get(url_get_access_zones, headers=headers, cookies=cookie, verify=False)
Phil.Lam
3 Apprentice
•
622 Posts
0
February 26th, 2023 19:00
@cadencep45 ,
HTH also. default is true.
isilon-1# isi_gconfig -t web-config auth_basic=false
isilon-1# isi_gconfig -t web-config auth_basic
auth_basic (bool) = false
Phil.Lam
3 Apprentice
•
622 Posts
0
February 26th, 2023 20:00
CORRECTION:
@cadencep45 ,
HTH also. default is false.
isilon1-1# isi_gconfig -t web-config auth_basic
auth_basic (bool) = false
isilon-1# isi_gconfig -t web-config auth_basic=true
isilon-1# isi_gconfig -t web-config auth_basic
auth_basic (bool) = true