File "/usr/local/lib/python3.12/site-packages/requests/adapters.py", line 517, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='api.blueair.io', port=443): Max retries exceeded with url: /v2/user/xxxx@xxx.xxx /homehost/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1000)')))
/config # openssl s_client -connect api.blueair.io:443 -showcerts
CONNECTED(00000003)
depth=0 C = SE, L = Stockholm, O = Blueair AB, CN = .blueair.io
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = SE, L = Stockholm, O = Blueair AB, CN = .blueair.io
verify error:num=21:unable to verify the first certificate
verify return:1
depth=0 C = SE, L = Stockholm, O = Blueair AB, CN = *.blueair.io
verify return:1
Server certificate
subject=C = SE, L = Stockholm, O = Blueair AB, CN = *.blueair.io
issuer=C = US, O = DigiCert Inc, CN = DigiCert Global G2 TLS RSA SHA256 2020 CA1
No client certificate CA names sent
Peer signing digest: SHA512
Peer signature type: RSA
Server Temp Key: ECDH, prime256v1, 256 bits
SSL handshake has read 3986 bytes and written 442 bytes
Verification error: unable to verify the first certificate
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: EFFDB5FE168693F2715BC0C121C65B32ED534272F079A9088B41930F3624CF78
Session-ID-ctx:
Master-Key: 7132444DB8F2831A715AEB6D64B70C16D3CFDF82FC5D1AADB0832CE2E51E899CF6572D0533AD3BC669920825677A6DB1
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1707551872
Timeout : 7200 (sec)
Verify return code: 21 (unable to verify the first certificate)
Extended master secret: no
File "/usr/local/lib/python3.12/site-packages/requests/adapters.py", line 517, in send raise SSLError(e, request=request) requests.exceptions.SSLError: HTTPSConnectionPool(host='api.blueair.io', port=443): Max retries exceeded with url: /v2/user/xxxx@xxx.xxx /homehost/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1000)')))
/config # openssl s_client -connect api.blueair.io:443 -showcerts CONNECTED(00000003) depth=0 C = SE, L = Stockholm, O = Blueair AB, CN = .blueair.io verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 C = SE, L = Stockholm, O = Blueair AB, CN = .blueair.io verify error:num=21:unable to verify the first certificate verify return:1 depth=0 C = SE, L = Stockholm, O = Blueair AB, CN = *.blueair.io verify return:1
Certificate chain 0 s:C = SE, L = Stockholm, O = Blueair AB, CN = .blueair.io i:C = US, O = DigiCert Inc, CN = DigiCert Global G2 TLS RSA SHA256 2020 CA1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jan 29 00:00:00 2024 GMT; NotAfter: Feb 28 23:59:59 2025 GMT -----BEGIN CERTIFICATE----- MIIGxjCCBa6gAwIBAgIQB04AXrFp3sYZybjPjTohbjANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw MTI5MDAwMDAwWhcNMjUwMjI4MjM1OTU5WjBNMQswCQYDVQQGEwJTRTESMBAGA1UE BxMJU3RvY2tob2xtMRMwEQYDVQQKEwpCbHVlYWlyIEFCMRUwEwYDVQQDDAwqLmJs dWVhaXIuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9kwm7Gue6 iKuM7djk/jovQ5SHwjhUsxtr2BNcYZRNrIiZiWgu/MFQ7isC9lztpT7BN9lA+aQ2 7v1L9+QQnD0tVPxm4GUz7MDc2nzjlDStYQLFjU2kWbqlrPKST01BCAMeSJi6vkRL A1vyxx3w85d45EHwtMUf5wwsTrEF0NV55PywTm+KHxf8SRKIJbM9xRg/darkhWA0 aA+rNRqoSi3EpvqjKKT0baAMKhbcYuyh9ZZ7Pi3zNo90+a40iPbXrAdumFcTNB6a hZwVlGfbz33z0yKyhdcyxbSKduW6vHA+gRq6M1Jg9/jnv2aLysPlnWPnvdL0ARnC zKw1CADPCKzLAgMBAAGjggOUMIIDkDAfBgNVHSMEGDAWgBR0hYDAZsffN97PvSk3 qgMdvu3NFzAdBgNVHQ4EFgQUrCluMLEtquNRODNyNxjegYSwm0UwIwYDVR0RBBww GoIMKi5ibHVlYWlyLmlvggpibHVlYWlyLmlvMD4GA1UdIAQ3MDUwMwYGZ4EMAQIC MCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNV HR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy dEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDBIoEagRIZCaHR0cDov L2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYy MDIwQ0ExLTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0dHA6 Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2NhY2VydHMu ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0Ex LTEuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2 AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjVU6RsEAAAQDAEcw RQIhAJplDDjZpT6Y5bID4B/vc+JMTbDUhZQBA3647VUQWDpHAiB5SwMvq0IYpp72 phADF0V/VbCJII0MkFGIXxVsB9sDqgB1AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWe uQMv2Q6MLnm4AAABjVU6RnoAAAQDAEYwRAIgXM9WjhbCFrPPL56PyeJacCIsePPg tgQ58rcWe3yu8z8CIH70KZ821B45Mdg8aOCabuA1112ltDoUwqq30hJnnVwBAHcA 5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGNVTpGnwAABAMASDBG AiEAiZjs1jwYmA492C9Sd/gkK+9g48koDt/PiODaci7yX1sCIQDzeImI2RJliGlT E7aZRxPVfep5q8x1ItUcA05X8Ied/jANBgkqhkiG9w0BAQsFAAOCAQEAbjXIueV5 lbWt5022F3H7tng6rfD8RMksfc5xhn8JMwJuO97XX5Z3lvYEl3Tkt6KIQICy7Npn 8kYMyoAXb7a4y9A/c/3xnxWiSB/tUxv98U/mGYyJThibIju1vCTCly2X8pdB88mI mrPp+RiMOE3K9nfkA+oMKw5flPWd8DhTYl3r9UosItqOKJp4Brwh99WjC3XcETsa IN+z8/gu5ZsK6/zUX5gglxu2UNitrWg7pTPb0YxPZeLtrA5IXacoYWO4/rOJyiAY 8a4q9eduR7utmo+3hSYkEqPqr+a6s8IY6klSoE5vsiEdeSsqdFLkVYWTn22xdlJK 9TPEPzPQ1mWEtg== -----END CERTIFICATE----- 1 s:C = SE, L = Stockholm, O = Blueair AB, CN = .blueair.io i:C = US, O = DigiCert Inc, CN = DigiCert Global G2 TLS RSA SHA256 2020 CA1 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jan 29 00:00:00 2024 GMT; NotAfter: Feb 28 23:59:59 2025 GMT -----BEGIN CERTIFICATE----- MIIGxjCCBa6gAwIBAgIQB04AXrFp3sYZybjPjTohbjANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw MTI5MDAwMDAwWhcNMjUwMjI4MjM1OTU5WjBNMQswCQYDVQQGEwJTRTESMBAGA1UE BxMJU3RvY2tob2xtMRMwEQYDVQQKEwpCbHVlYWlyIEFCMRUwEwYDVQQDDAwqLmJs dWVhaXIuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9kwm7Gue6 iKuM7djk/jovQ5SHwjhUsxtr2BNcYZRNrIiZiWgu/MFQ7isC9lztpT7BN9lA+aQ2 7v1L9+QQnD0tVPxm4GUz7MDc2nzjlDStYQLFjU2kWbqlrPKST01BCAMeSJi6vkRL A1vyxx3w85d45EHwtMUf5wwsTrEF0NV55PywTm+KHxf8SRKIJbM9xRg/darkhWA0 aA+rNRqoSi3EpvqjKKT0baAMKhbcYuyh9ZZ7Pi3zNo90+a40iPbXrAdumFcTNB6a hZwVlGfbz33z0yKyhdcyxbSKduW6vHA+gRq6M1Jg9/jnv2aLysPlnWPnvdL0ARnC zKw1CADPCKzLAgMBAAGjggOUMIIDkDAfBgNVHSMEGDAWgBR0hYDAZsffN97PvSk3 qgMdvu3NFzAdBgNVHQ4EFgQUrCluMLEtquNRODNyNxjegYSwm0UwIwYDVR0RBBww GoIMKi5ibHVlYWlyLmlvggpibHVlYWlyLmlvMD4GA1UdIAQ3MDUwMwYGZ4EMAQIC MCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNV HR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy dEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDBIoEagRIZCaHR0cDov L2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYy MDIwQ0ExLTEuY3JsMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0dHA6 Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2NhY2VydHMu ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0Ex LTEuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2 AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjVU6RsEAAAQDAEcw RQIhAJplDDjZpT6Y5bID4B/vc+JMTbDUhZQBA3647VUQWDpHAiB5SwMvq0IYpp72 phADF0V/VbCJII0MkFGIXxVsB9sDqgB1AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWe uQMv2Q6MLnm4AAABjVU6RnoAAAQDAEYwRAIgXM9WjhbCFrPPL56PyeJacCIsePPg tgQ58rcWe3yu8z8CIH70KZ821B45Mdg8aOCabuA1112ltDoUwqq30hJnnVwBAHcA 5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGNVTpGnwAABAMASDBG AiEAiZjs1jwYmA492C9Sd/gkK+9g48koDt/PiODaci7yX1sCIQDzeImI2RJliGlT E7aZRxPVfep5q8x1ItUcA05X8Ied/jANBgkqhkiG9w0BAQsFAAOCAQEAbjXIueV5 lbWt5022F3H7tng6rfD8RMksfc5xhn8JMwJuO97XX5Z3lvYEl3Tkt6KIQICy7Npn 8kYMyoAXb7a4y9A/c/3xnxWiSB/tUxv98U/mGYyJThibIju1vCTCly2X8pdB88mI mrPp+RiMOE3K9nfkA+oMKw5flPWd8DhTYl3r9UosItqOKJp4Brwh99WjC3XcETsa IN+z8/gu5ZsK6/zUX5gglxu2UNitrWg7pTPb0YxPZeLtrA5IXacoYWO4/rOJyiAY 8a4q9eduR7utmo+3hSYkEqPqr+a6s8IY6klSoE5vsiEdeSsqdFLkVYWTn22xdlJK 9TPEPzPQ1mWEtg== -----END CERTIFICATE-----
Server certificate subject=C = SE, L = Stockholm, O = Blueair AB, CN = *.blueair.io issuer=C = US, O = DigiCert Inc, CN = DigiCert Global G2 TLS RSA SHA256 2020 CA1
No client certificate CA names sent Peer signing digest: SHA512 Peer signature type: RSA Server Temp Key: ECDH, prime256v1, 256 bits
SSL handshake has read 3986 bytes and written 442 bytes Verification error: unable to verify the first certificate
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: EFFDB5FE168693F2715BC0C121C65B32ED534272F079A9088B41930F3624CF78 Session-ID-ctx: Master-Key: 7132444DB8F2831A715AEB6D64B70C16D3CFDF82FC5D1AADB0832CE2E51E899CF6572D0533AD3BC669920825677A6DB1 PSK identity: None PSK identity hint: None SRP username: None Start Time: 1707551872 Timeout : 7200 (sec) Verify return code: 21 (unable to verify the first certificate) Extended master secret: no
closed