search

boto / boto3

AWS SDK for Python
https://aws.amazon.com/sdk-for-python/
Apache License 2.0
8.81k stars 1.84k forks source link

SSL Validation Error: SSL validation failed for https://monitoring.us-east-1.amazonaws.com/ EOF occurred in violation of protocol (_ssl.c:2427) #4156

Closed kharigardner closed 3 weeks ago

kharigardner commented 3 weeks ago

Describe the bug

Having an issue that recently popped up when using the Cloudwatch client and get_metrics_insights,

Requests fail with the SSL validation failed for https://monitoring.us-east-1.amazonaws.com/ EOF occurred in violation of protocol (_ssl.c:2427)

When setting the client to verify=False, use_ssl=False

The following error occurs:

ResponseParserError: Unable to parse response (no element found: line 1, column 0), invalid XML received. Further retries may succeed:
b''

Expected Behavior

Expected a response for this action: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/cloudwatch/client/get_metric_data.html

Current Behavior

ResponseParserError: Unable to parse response (no element found: line 1, column 0), invalid XML received. Further retries may succeed:
b''
Requests fail with the SSL validation failed for https://monitoring.us-east-1.amazonaws.com/ EOF occurred in violation of protocol (_ssl.c:2427)

Reproduction Steps


import boto3

cloudwatch_client = boto3.client('cloudwatch')
query = [...]

cloudwatch_client.get_metric_data(
    MetricDataQueries=query,
    StartTime=datetime.datetime.utcnow() - datetime.timedelta(days=7),
    EndTime=datetime.datetime.utcnow()
)

Possible Solution

Tried to use verify=False and use_ssl=False while running locally (code runs on AWS fine), but still recieved an error

Additional Information/Context

No response

SDK version used

1.34.106

Environment details (OS name and version, etc.)

Windows 10, python 3.11

kharigardner commented 3 weeks ago

Had a teammate run the same code on their machine and got a botocore.exceptions.ConnectionClosedError: Connection was closed before we received a valid response from endpoint URL: https://monitoring.us-east-1.amazonaws.com/ error.

tim-finnigan commented 3 weeks ago

Thanks for reaching out. Can you share the query value you're using? And also the debug logs (with sensitive info redacted) which you can get by adding boto3.set_stream_logger('') to your script. SSL validation errors are often caused by proxy/certificate issues (see troubleshooting guide here) so I would look into that as well. I was just able to run get_metric_data so think this could be an issue with your query or configuration.

kharigardner commented 3 weeks ago

query_sample.txt

Query is programmatically generated via filling in values from the client.list_metrics() operation (which succeeds)

I inquired with my enterprise team regarding any networking errors related to certificate/proxy changes which were confirmed nothing changed -- i have a ticket open with AWS support right now on their end as well

log.txt

kharigardner commented 3 weeks ago

Ah, I see the issue i feel silly 😆 , wasn't filtering my query object to 500 records. works fine now. expected boto to let me know

github-actions[bot] commented 3 weeks ago

This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one.