search

HewlettPackard / oneview-python

Python library for HPE OneView
https://github.com/HewlettPackard/oneview-python/wiki
Apache License 2.0
28 stars 27 forks source link

Unable to connect to OneView appliance SCMB after certificate download. TSL unknown CA error #113

Closed karthikvr1 closed 3 years ago

karthikvr1 commented 3 years ago

Hi, As usual, i tried to download the certificate and use that to establish connection with OneView SCMB but in vain. Following is the log trace.

Traceback (most recent call last): File "main.py", line 156, in sys.exit(main()) File "main.py", line 148, in main ovscmb.recv(oneviewDetails["host"], oneviewDetails["route"]) File "oneview_syslog_lib/internal/scmb_utils.py", line 219, in recv conn = amqp.Connection(dest, login_method='EXTERNAL', ssl=ssl_options) File "/usr/local/lib/python3.6/site-packages/amqplib/client_0_8/connection.py", line 129, in init self.transport = create_transport(host, connect_timeout, ssl) File "/usr/local/lib/python3.6/site-packages/amqplib/client_0_8/transport.py", line 279, in create_transport return SSLTransport(host, connect_timeout, ssl) File "/usr/local/lib/python3.6/site-packages/amqplib/client_0_8/transport.py", line 179, in init super(SSLTransport, self).init(host, connect_timeout) File "/usr/local/lib/python3.6/site-packages/amqplib/client_0_8/transport.py", line 91, in init self._setup_transport() File "/usr/local/lib/python3.6/site-packages/amqplib/client_0_8/transport.py", line 191, in _setup_transport self.sslobj = ssl.wrap_socket(self.sock, **self.sslopts) File "/usr/lib64/python3.6/ssl.py", line 1117, in wrap_socket ciphers=ciphers) File "/usr/lib64/python3.6/ssl.py", line 776, in init self.do_handshake() File "/usr/lib64/python3.6/ssl.py", line 1036, in do_handshake self._sslobj.do_handshake() File "/usr/lib64/python3.6/ssl.py", line 648, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:897)

I am using python 3.6 with following libraries: amqplib (1.0.2) pyOpenSSL (20.0.0) OneView appliance ver - 5.00.00.01-0402787

Wanted to know how to resolve this issue. Thanks in advance.

VenkateshRavula commented 3 years ago

@karthikvr1 , we have made few changes in certificate authority library and also made the corresponding changes in scmb.py file in examples/scmb folder. I have mentioned the PR below and hope this fix should resolve your issue. https://github.com/HewlettPackard/oneview-python/pull/112

Please pull the latest master branch and test your scenario again once the PR got merged.

VenkateshRavula commented 3 years ago

@karthikvr1 , Since we didn't hear back from you from 1 week and also I hope the fix provided in PR #112 resolves this issue too, we are closing this issue. Please feel free to reopen if the issue reproduces.

karthikvr1 commented 3 years ago

@VenkateshRavula Thanks a ton for working on this request. Sorry for the late response. Trying to wind up on multiple deliverables. I shall test the same and update soon.