Certificate Verify Fail when using -u -p switch

[maxaptus]

Hi,

I tried using dmarchiver -di with username password prompted and everything worked fine. However when I am using -u -p arguments to use username password in CLI, I am having following error:

C:\dmarchiver>dmarchiver.exe -u xxxxxx@gmail.com -p yyyyyyyy -di DMArchiver 0.1.7 Running on Python 3.4.4 (v3.4.4:737efcadf5a6, Dec 20 2015, 19:28:18) [MSC v.1600 32 bit (Intel)]

Traceback (most recent call last): File "site-packages\requests\packages\urllib3\connectionpool.py", line 595, in urlopen File "site-packages\requests\packages\urllib3\connectionpool.py", line 352, in _make_request File "site-packages\requests\packages\urllib3\connectionpool.py", line 831, in _validateconn File "site-packages\requests\packages\urllib3\connection.py", line 289, in con nect File "site-packages\requests\packages\urllib3\util\ssl.py", line 308, in ssl_ wrap_socket File "ssl.py", line 362, in wrap_socket File "ssl.py", line 580, in init File "ssl.py", line 807, in do_handshake ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c :600)

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "site-packages\requests\adapters.py", line 423, in send File "site-packages\requests\packages\urllib3\connectionpool.py", line 621, in urlopen requests.packages.urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "dmarchiver\cmdline.py", line 107, in File "dmarchiver\cmdline.py", line 75, in main File "dmarchiver\core.py", line 270, in authenticate File "site-packages\requests\sessions.py", line 488, in get File "site-packages\requests\sessions.py", line 475, in request File "site-packages\requests\sessions.py", line 596, in send File "site-packages\requests\adapters.py", line 497, in send requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verif y failed (_ssl.c:600) Failed to execute script cmdline

[Mincka]

Hello,

This is a very strange issue. Are you sure you did not have any request interception / proxy tool running at the same time you use the -u and -p flags? Like Fiddler, Zap, Burp, Wireshark...

I don't understand how the new options could be related to the SSL validation. This kind of error however occurs when using web debugging proxies or when you use the tool in an enterprise which enforces SSL interception.

[maxaptus]

I'm behind a restricted environment, yes, but what's bothering me is that not using -u and -p switching makes no issues. I need to automate and without -u and -p I can't automate.

I also tried to compile couple of days ago by hard coding credentials and was facing the same challenge.

[Mincka]

No request is made before the authentication so the behavior should be the same. Maybe you have a local protection on the system, which attempts to intercept the traffic at the application startup but not when interaction is required.

If you are able to recompile the cool and are not affraid that your credentials may be intercepted, you can add verify=False to all the _session.get() calls. You will still have warnings at runtime but the program execution will continue despite the invalid certificate.

[maxaptus]

Tried it, in this case no image gets downloaded :(

[Mincka]

And what kind of errors do you have in this case? Do you know which "restrictions" are in place?