Open itsecforu opened 3 years ago
no ideas ? :-(
Hi. Do you have a valid SSL certificate on your GitLab instance?
I imagine this is caused as the requests library sets SSL verify as true by default, and it’s configured in GitLab Watchman to verify SSL as well.
It’s debatable the merits of turning this off, and I ’m reluctant to change it to not check by default as really most environments should be using a valid SSL certificate for GitLab instances.
If you’re building from source, you could change it yourself by modifying line 29 in gitlab-watchman/gitlab_watchman/gitlab_wrapper.py to verify_ssl=False
Let me know how it goes.
Hey! Thx u for feedback!
Cert valid to 4757 year :-D
I use self-signed certificate.
I tried to add rootca.cert to /etc/pki/ca-certs/source/anchors
/ , but it still doesnt work.
with verify_ssl=False i got this output:
gitlab-watchman --timeframe a --all
No logging option selected, defaulting to Stdout
{"localtime": "2021-02-11 16:15:23,648", "level": "INFO", "source": "GitLab Watchman", "message": "GitLab Watchman started execution"}
{"localtime": "2021-02-11 16:15:23,649", "level": "INFO", "source": "GitLab Watchman", "message": "Version: 1.4.0"}
{"localtime": "2021-02-11 16:15:23,649", "level": "INFO", "source": "GitLab Watchman", "message": "Importing rules..."}
{"localtime": "2021-02-11 16:15:23,753", "level": "INFO", "source": "GitLab Watchman", "message": "31 rules loaded"}
{"localtime": "2021-02-11 16:15:23,753", "level": "INFO", "source": "GitLab Watchman", "message": "Getting everything..."}
{"localtime": "2021-02-11 16:15:23,753", "level": "INFO", "source": "GitLab Watchman", "message": "Searching for Passwords in blobs"}
HTTPSConnectionPool(host='gitlab.my.local', port=443): Max retries exceeded with url: /api/v4/search?scope=blobs&search=%22password%3A%22+-%28svg%7Cpng%7Cjpeg%7Cjpg%29&per_page=100&page= (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:877)'),))
{"localtime": "2021-02-11 16:23:30,186", "level": "CRITICAL", "source": "GitLab Watchman", "message": "'NoneType' object has no attribute 'headers'"}
{"localtime": "2021-02-11 16:23:30,186", "level": "INFO", "source": "GitLab Watchman", "message": "Searching for Passwords in commits"}
any ideas?
Hey!
I got the
error Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED
on every stepHow can i disable it to check without SSL?