xdumstr
commented
1 year ago @jonjones76 You can use ssl_verify=False when you create connection object. See the example at https://github.com/MicroStrategy/mstrio-py/blob/master/code_snippets/connect.py
Closed jonjones76 closed 1 year ago
xdumstr
commented
1 year ago @jonjones76 You can use ssl_verify=False when you create connection object. See the example at https://github.com/MicroStrategy/mstrio-py/blob/master/code_snippets/connect.py
jonjones76
commented
1 year ago Hi, this is the workaround we are currently doing but its not something we want our users doing unless absolutely necessary. Ideally we just want them to enable the extension, launch a notebook, click the Connect to MSTR red button and away they go. Modifying the code is something we want to avoid
xdumstr
commented
1 year ago @jonjones76 I highly recommend you to use a valid SSL certificate. You shouldn't use self-signed cert.
jonjones76
commented
1 year ago That’s the issue. It’s not a self signed cert, it was signed by our own CA
apiotrowskiMicroStrategy
commented
1 year ago Hi @jonjones76,
The ssl_verify=False trick is a suggested solution for your case as unfortunately, if you have your own CA in your certificate chain, mstrio-py has no way of distinguishing this from invalid certification.
However, if you really want to try to avoid not-verifying the certificate, you can try customizing the certificate_path parameter in Connection class to either certificate on your machine directly or some kind of parent certificate, based on your setup.
I cannot guarantee that your setup will work with custom path in certificate_path parameter, but this is an alternative.
However, I can guarantee that ssl_verify=False is a valid, suggested solution in your case.
@xdumstr Just FYI, based on what @jonjones76 wrote, this is a valid SSL certificate, just unfortunately "issue-prone" for Python, as we can see
apiotrowskiMicroStrategy
commented
1 year ago I am closing the issue as there is no action possible more than suggested above
Hi,
When I follow steps to enable the Jupyter Notebook extension, see below link, I get error messages relating to self signed certificates
https://github.com/MicroStrategy/mstrio-py#microstrategy-for-jupyter
The error I am getting is shown below
Retrying (Retry(total=1, connect=2, read=2, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1007)'))': /MicroStrategyLibraryNoSAML/api/status Retrying (Retry(total=0, connect=2, read=2, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1007)'))': /MicroStrategyLibraryNoSAML/api/status
The SSL certificates have been signed by our internal CA. I have also ensured they are installed on my laptop in the Trusted Root Certification Authorities and Intermediate Certification Authorities.
I know I can disable this by modifying connection.py but ideally we dont want to modify the code but resolve this self signed certificate issue