search

carbonblack / cb-skyatp-connector

connector for Juniper Network's Sky ATP api
MIT License
0 stars 1 forks source link

Sky atp URL should be configurable #5

Open zacharyestep opened 5 years ago

xinleizhao commented 5 years ago

Trying to connect with apac sky ATP on 9.0.2 and this was seen. Seems to be cert issue.

2018-12-18 12:02:17,515: bridge: INFO: starting Carbon Black <-> SkyATP Bridge
2018-12-18 12:02:17,518: connectionpool: DEBUG: Starting new HTTPS connection (1): api-apac.sky.junipersecurity.net:443
2018-12-18 12:02:17,910: connection: ERROR: Certificate did not match expected hostname: api-apac.sky.junipersecurity.net. Certificate: {'crlDistributionPoints': (u'http://gp.symcb.com/gp.crl',), 'subjectAltName': (('DNS', 'api.sky.junipersecurity.net'),), 'notBefore': u'Sep 22 00:00:00 2016 GMT', 'caIssuers': (u'http://gp.symcb.com/gp.crt',), 'OCSP': (u'http://gp.symcd.com',), 'serialNumber': u'792AD12896B93FD2C0250EE9B98F4163', 'notAfter': 'Sep 22 23:59:59 2019 GMT', 'version': 3L, 'subject': ((('commonName', u'api.sky.junipersecurity.net'),),), 'issuer': ((('countryName', u'US'),), (('organizationName', u'GeoTrust Inc.'),), (('commonName', u'RapidSSL SHA256 CA'),))}
2018-12-18 12:02:17,911: daemon: CRITICAL: HTTPSConnectionPool(host='api-apac.sky.junipersecurity.net', port=443): Max retries exceeded with url: /v1/skyatp/infected_hosts/blacklist (Caused by SSLError(CertificateError("hostname 'api-apac.sky.junipersecurity.net' doesn't match 'api.sky.junipersecurity.net'",),)) (SSLError)
2018-12-18 12:02:17,911: daemon: CRITICAL: Traceback: Traceback (most recent call last):
  File "site-packages/cbint/utils/daemon.py", line 218, in start
  File "cbopensource/connectors/skyatp/bridge.py", line 87, in run
  File "cbopensource/connectors/skyatp/skyatp_api.py", line 31, in infected_hosts_wlbl
  File "site-packages/requests/sessions.py", line 546, in get
  File "site-packages/requests/sessions.py", line 533, in request
  File "site-packages/requests/sessions.py", line 646, in send
  File "site-packages/requests/adapters.py", line 514, in send
SSLError: HTTPSConnectionPool(host='api-apac.sky.junipersecurity.net', port=443): Max retries exceeded with url: /v1/skyatp/infected_hosts/blacklist (Caused by SSLError(CertificateError("hostname 'api-apac.sky.junipersecurity.net' doesn't match 'api.sky.junipersecurity.net'",),))