SSL certificate problem #56
Comments
|
Hello @sheetlaand ! I wonder if the |
|
Yeah, probably the same issue. I tried to add a "verify=False" attribute to the Collection classes in the "attack_api.py" file (line 53 to 56), it works ! However, I think there must be a more conventional way to do this, do you have a coherent solution for me? |
|
Glad to hear the |
Hey Roberto,
I'm currently facing an SSL certificate error while I'm trying to communicate with the TAXII server. Knowing that I encounter this problem when I am behind my corporate proxy, I think this problem could be solved by offering the user the possibility not to block the communication when an insecure certificate is encountered.
For example, I find the following error when I launch a cURL command line on the TAXII server:
curl -H "Accept: application/vnd.oasis.taxii+json" https://cti-taxii.mitre.org/taxii/curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.haxx.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.If I just add a -k parameter to the same cURL command line:
curl -H "Accept: application/vnd.oasis.taxii+json" https://cti-taxii.mitre.org/taxii/ -k{"title":"CTI TAXII server","description":"This TAXII server contains a listing of ATT&CK domain collections expressed as STIX, including PRE-ATT&CK, ATT&CK for Enterprise, and ATT&CK Mobile.","contact":"attack@mitre.org","default":"https://cti-taxii.mitre.org/stix/","api_roots":["https://cti-taxii.mitre.org/stix/"]}I hope that my problem is clear enough, and I hope that a solution can be found.
Best regards,
The text was updated successfully, but these errors were encountered: