search

erikw / taiga-stats

Generate statistics from Taiga and produce burnup diagrams, CFDs, dependency graphs and more.
BSD 3-Clause "New" or "Revised" License
41 stars 6 forks source link

SSL: CERTIFICATE_VERIFY_FAILED #2

Closed tititestor closed 7 years ago

tititestor commented 7 years ago

Hi Erik,

Do we have a way to ignore SSL verification ? I enabled HTTPS on my taiga server.

Thanks, Titi

Sorry for my english

erikw commented 7 years ago

I did not have this problem so I don't know how python-taiga behaves with certification errors. It should be easy to see from the back trace where the problem occurs and if the right way to fix this is in my taiga-stats script or if it is a better place to solve this is in the python-taiga library. I scanned quickly the lib's docs but I did not see anything about how this problem is handled/not handled.

tititestor commented 7 years ago

Maybe a bad analyze from me. This is my error

taiga@taiga-server:~/dev/taiga-stats$ ./taiga-stats store_daily
Traceback (most recent call last):
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/packages/urllib3/connectionpool.py", line 600, in urlopen
    chunked=chunked)
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/packages/urllib3/connectionpool.py", line 345, in _make_request
    self._validate_conn(conn)
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/packages/urllib3/connectionpool.py", line 844, in _validate_conn
    conn.connect()
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/packages/urllib3/connection.py", line 326, in connect
    ssl_context=context)
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/packages/urllib3/util/ssl_.py", line 324, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/usr/lib/python3.5/ssl.py", line 377, in wrap_socket
    _context=self)
  File "/usr/lib/python3.5/ssl.py", line 752, in __init__
    self.do_handshake()
  File "/usr/lib/python3.5/ssl.py", line 988, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib/python3.5/ssl.py", line 633, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/adapters.py", line 423, in send
    timeout=timeout
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/packages/urllib3/connectionpool.py", line 630, in urlopen
    raise SSLError(e)
requests.packages.urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/taiga/.local/lib/python3.5/site-packages/taiga/requestmaker.py", line 110, in get
    params=query
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/api.py", line 70, in get
    return request('get', url, params=params, **kwargs)
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/api.py", line 56, in request
    return session.request(method=method, url=url, **kwargs)
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/sessions.py", line 488, in request
    resp = self.send(prep, **send_kwargs)
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/sessions.py", line 609, in send
    r = adapter.send(request, **kwargs)
  File "/home/taiga/.local/lib/python3.5/site-packages/requests/adapters.py", line 497, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "./taiga-stats", line 804, in <module>
    sys.exit(main())
  File "./taiga-stats", line 800, in main
    return command_func(args)
  File "./taiga-stats", line 161, in wrapper
    func(args)
  File "./taiga-stats", line 459, in cmd_store_daily_stats
    project = api.projects.get(args['project_id'])
  File "/home/taiga/.local/lib/python3.5/site-packages/taiga/models/base.py", line 47, in get
    endpoint=self.instance.endpoint, id=resource_id
  File "/home/taiga/.local/lib/python3.5/site-packages/taiga/requestmaker.py", line 117, in get
    'Network error!', 'GET'
taiga.exceptions.TaigaRestException: Network error!
erikw commented 7 years ago

Okay the exception from the requests library used by python-taiga is caught here:

https://github.com/nephila/python-taiga/blob/master/taiga/requestmaker.py#L114

The requests documentation shows that SSL verification errors can be ignored by passing

verify=False

to the request function. So a quick and dirty fix is to add this verify-flag to the get() call here:

https://github.com/nephila/python-taiga/blob/master/taiga/requestmaker.py#L107

:-)

The best way to fix this is of course to set up your SSL/TLS certificates correctly ;).

tititestor commented 7 years ago

Okay, I will check Thanks

tititestor commented 7 years ago

Hi Erik,

FYI, I go back to HTTP and it's works. I will return to HTTPS in the future.

So, Thanks for your help. BR, Titi