search

imperva / incapsula-logs-downloader

A Python script for downloading log files from Incapsula
MIT License
30 stars 35 forks source link

SSL unknown error _ssl.c:3063 #22

Closed derricksong closed 8 months ago

derricksong commented 3 years ago

[root@splunk-cluster-lpi-072482 infosec-incapsula-logger]# /usr/bin/python /opt/infosec-incapsula-logger/script/LogsDownloader.py -c /opt/infosec-incapsula-logger/incapsula-configs/supplychain/ -l /opt/infosec-incapsula-logger/log/supplychain/ -v debug error 2020-12-03 23:10:17,500 DEBUG Initializing LogsDownloader 2020-12-03 23:10:17,500 INFO LogsDownloader initializing is done 2020-12-03 23:10:17,501 INFO No last downloaded file is found - downloading index file and starting to download all the log files in it 2020-12-03 23:10:17,501 INFO Downloading logs index file... ('Request failed:', MaxRetryError(u"HTTPSConnectionPool(host=u'logs1.incapsula.com', port=443): Max retries exceeded with url: /REDACTED/logs.index (Caused by SSLError(SSLError(0, u'unknown error (_ssl.c:3063)'),))",)) 2020-12-03 23:10:17,625 ERROR An error has occur while making a open connection to https://logs1.incapsula.com/REDACTED/logs.index. unknown error (_ssl.c:3063) 2020-12-03 23:10:17,626 ERROR Failed to downloading index file and starting to download all the log files in it - Connection error, Traceback (most recent call last): File "/opt/infosec-incapsula-logger/script/LogsDownloader.py", line 126, in get_log_files self.logs_file_index.download() File "/opt/infosec-incapsula-logger/script/LogsDownloader.py", line 470, in download file_content = self.file_downloader.request_file_content(self.config.BASE_URL + "logs.index") File "/opt/infosec-incapsula-logger/script/LogsDownloader.py", line 610, in request_file_content raise Exception("Connection error") Exception: Connection error

2020-12-03 23:10:17,626 INFO Sleeping for 30 seconds before trying to fetch logs again...

===== This is pretty frustrating because this used to work perfectly fine... I viewed logs1.incapsula.com in a browser to verify what the root CA was, pulled that from my OS X keychain, uploaded that to my log server, turned USE_CUSTOM_CA_FILE on... and now instead of getting a SSL VERIFY error (like others have already reported) I'm now getting a generic SSL unknown error

guero2099 commented 3 years ago

you need to download the cert and use it as custom cert.

preetibilling commented 2 years ago

I have the cert but how to use it as a custom cert. Can you please elaborate as I am also getting unknown error (_ssl.c:3063) error ?

guero2099 commented 2 years ago

follow these steps https://github.com/imperva/incapsula-logs-downloader/issues/31