Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)'),) #24

Closed
m0jtaba opened this issue Mar 6, 2018 · 8 comments
Closed

Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)'),) #24

m0jtaba opened this issue Mar 6, 2018 · 8 comments
Assignees
@emmanvg
Labels
bug
Milestone
0.3

Comments

@m0jtaba
Copy link

m0jtaba commented Mar 6, 2018

When I run the code below I am getting an SSLError the certificate that i am using is self signed:

from taxii2client import Server
server = Server('https://192.168.56.100/taxii/', 'admin', 'letmein')

print(server.title)

Stack Trace:

Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connectionpool.py", line 601, in urlopen
    chunked=chunked)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connectionpool.py", line 346, in _make_request
    self._validate_conn(conn)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connectionpool.py", line 850, in _validate_conn
    conn.connect()
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connection.py", line 326, in connect
    ssl_context=context)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 329, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 407, in wrap_socket
    _context=self, _session=session)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 814, in __init__
    self.do_handshake()
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 1068, in do_handshake
    self._sslobj.do_handshake()
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/adapters.py", line 440, in send
    timeout=timeout
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connectionpool.py", line 639, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/util/retry.py", line 388, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='192.168.56.100', port=443): Max retries exceeded with url: /taxii/ (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)'),))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "stix2Taxii.py", line 8, in <module>
    print(server.title)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/taxii2client/__init__.py", line 497, in title
    self._ensure_loaded()
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/taxii2client/__init__.py", line 522, in _ensure_loaded
    self.refresh()
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/taxii2client/__init__.py", line 525, in refresh
    response = self._conn.get(self.url, accept=MEDIA_TYPE_TAXII_V20)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/taxii2client/__init__.py", line 571, in get
    resp = self.session.get(url, headers=headers, params=params)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/sessions.py", line 521, in get
    return self.request('GET', url, **kwargs)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/sessions.py", line 508, in request
    resp = self.send(prep, **send_kwargs)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/sessions.py", line 618, in send
    r = adapter.send(request, **kwargs)
  File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/adapters.py", line 506, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='192.168.56.100', port=443): Max retries exceeded with url: /taxii/ (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)'),))
@philroyer-phantom
Copy link
Contributor

Can you work around this by making your own HTTPConnection and setting verify=False?

Using the latest from master...

from taxii2client import Server, _HTTPConnection
server = Server('https://192.168.56.100/taxii/', conn=_HTTPConnection('https://192.168.56.100/taxii/', user='admin', password='letmein', verify=False))

print(server.title)

as a real fix we could expose the verify parameter to Server.__init__()

@m0jtaba
Copy link
Author

m0jtaba commented Mar 6, 2018

@philroyer-phantom tried your method and got the error below:

Traceback (most recent call last):
File "stix2Taxii.py", line 35, in <module>
server = Server('https://192.168.56.100/taxii/', conn=_HTTPConnection('https://192.168.56.100/taxii/', user='guest', password='guest', verify=False))
TypeError: __init__() got multiple values for argument 'user'

@emmanvg
Copy link
Contributor

emmanvg commented Mar 12, 2018

@m0jtaba, @philroyer-phantom was off by one argument in _HTTPConnection. Try this instead and see if it works:

from taxii2client import Server, _HTTPConnection
server = Server('https://192.168.56.100/taxii/', conn=_HTTPConnection(user='admin', password='letmein', verify=False))

print(server.title)

@emmanvg
Copy link
Contributor

emmanvg commented Mar 12, 2018
edited
Loading

Now, I do see @philroyer-phantom suggestion of exposing the verify parameter good. In addition, there is currently a problem because we are passing the conn object to the value of the verify positional parameter here.

@emmanvg
Copy link
Contributor

emmanvg commented Mar 12, 2018

@gtback, can you assign me this issue?

@gtback
Copy link
Contributor

gtback commented Mar 12, 2018

I can't right now, but I can ask @robincover to add you to the maintainers of this library (and cti-taxii-server).

@emmanvg emmanvg self-assigned this Mar 15, 2018
@gtback gtback mentioned this issue Mar 15, 2018
Closed
@m0jtaba
Copy link
Author

m0jtaba commented Mar 16, 2018

@emmanvg I tried your suggestion got the following:

Traceback (most recent call last):
  File "test.pu", line 2, in <module>
    server = Server('https://192.168.56.100/taxii/', conn=_HTTPConnection(user='admin', password='letmein', verify=False))
TypeError: __init__() got an unexpected keyword argument 'verify'

However I see that you are fixing this by exposing verify. So when that is done then it should be all good?

@emmanvg
Copy link
Contributor

emmanvg commented Mar 26, 2018

@m0jtaba have you pulled the latest changes in master?

@emmanvg emmanvg mentioned this issue Mar 28, 2018
Merged
@emmanvg emmanvg added this to the 0.3 milestone Mar 30, 2018
@gtback gtback closed this as completed in 492264c Mar 30, 2018
@treyka treyka mentioned this issue Apr 12, 2018
Closed
@gtback gtback added the bug label Jul 5, 2018
@Cyb3rWard0g Cyb3rWard0g mentioned this issue Mar 30, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@emmanvg emmanvg

Labels
bug
Projects
None yet
Milestone
0.3
Development

No branches or pull requests
4 participants
@gtback @m0jtaba @emmanvg @philroyer-phantom