Closed d-vbeek closed 5 months ago
VatsalJagani
commented
1 year ago @d-vbeek - I can see MaxMind is using a certificate from Cloudflare, which should be known as CA under the request module that we use to make API requests. And on our side we never fetch this issue. I have concern on why you are having SSL issue then?
d-vbeek
commented
1 year ago @VatsalJagani Thanks for your reply. The reason why we need to add an extra CA is because it is routed via a proxy certificate. When I check MaxMind certificate via the corporate network, it shows a company CA. Therefore I would like to add that CA to the truststore of this app.
VatsalJagani
commented
1 year ago @d-vbeek - You may need to update something in the code file mmdb_utils.py. You need to add verify='your-own-cert-file' (instead of False, what you added as workaround.).
This reference should be able to help you - https://levelup.gitconnected.com/solve-the-dreadful-certificate-issues-in-python-requests-module-2020d922c72f
VatsalJagani
commented
5 months ago @d-vbeek
We have just released the new version of v4.0.0 on Splunkbase, which will allow you to disable the cert check or add custom certificate file.
https://splunkbase.splunk.com/app/5482
See the release notes and other documentation here - https://github.com/CrossRealms/Splunk-App-Auto-Update-MaxMind-Database
Question here. I've installed the app as documented. But I'm running into an issue that the Root CA is not recognized and therefore the SSL connection is refused.
I did work around this right now by editting mmdb_utils.py by addin verfiy=False to the requests.get.
Within other apps in Splunk there is a certifi directory within the bin directory that contains a cacert.pem file, so you can add extra Root CA certificates. Is it possible to add a functionality or something similarly to this app?
TIA