search

microsoft / azure-devops-python-api

Azure DevOps Python API
https://docs.microsoft.com/azure/devops/integrate/index?view=azure-devops
MIT License
593 stars 200 forks source link

[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1007) #507

Open phil1234567891011 opened 1 month ago

phil1234567891011 commented 1 month ago

Running a pipeline on one of our ADO server I try to run the same script but it is connecting to another server

I tried using the local certificate and I tried disabling SSL check at all

Getting a connection works fine, but trying to get projects :

project_client = self.connection.clients_v7_1.get_core_client()

I always get this error

Error occurred in request., SSLError: HTTPSConnectionPool(host='**********', port=443): Max retries exceeded with url: /companyname/_apis (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1007)')))

I tried using the CA path I tried disabling SSL at all I tried to run the pipeline on different pools too

I am out of ideas, any help appreciated

class Ado:
   def init_ssl_env(self):
        if not os.path.exists(Ado.certificate_path):
            return

        try:
            if self.verify_ssl:
                # Option 1: Set CA bundle to custom certificate
                os.environ['REQUESTS_CA_BUNDLE'] = Ado.certificate_path
                self.logger.info(f"Enable SSL check - REQUESTS_CA_BUNDLE = {Ado.certificate_path}")
            else:
                # Option 2: Disable SSL verification globally (not recommended for production)
                os.environ['PYTHONHTTPSVERIFY'] = '0'
                self.logger.info(f"Disable SSL check - PYTHONHTTPSVERIFY = 0")

        except Exception as e:
            self.logger.error(f"Error setting SSL: {str(e)}")
            sys.exit(1)

Here is how I get my connection:

def get_api_connection(self,url):
        '''
        Sets up a connection with the Azure Devops API via the Azure Devops python API
        (https://github.com/microsoft/azure-devops-python-api/tree/dev)

        Parameters:
            org_url (string): url of the organization

        Returns:
            <class 'azure.devops.connection.Connection'>: connection with the Azure Devops API
        '''
        _url = f"https://{url}"
        self.url = url
        try:
            credentials = BasicAuthentication('', f"{Ado.servers[url]}")
            self.connection = Connection(base_url = _url, creds = credentials)
            self.logger.info(f'Azure Devops Connection established successfully with {_url}.')
            return True
        except Exception:
            self.logger.exception(f'Error setting up Azure DevOps connection with {_url}.')
            return False