search

microsoft / powerbi-jupyter

A Custom Jupyter Widget Library for Power BI
MIT License
471 stars 151 forks source link

Error with SSL certification #17

Closed tameimpalan closed 3 years ago

tameimpalan commented 3 years ago

hi guys,

i'm trying to run a sample notebook with this code (same as the documentation sample).

from powerbiclient import Report, models

from powerbiclient.authentication import DeviceCodeLoginAuthentication

device_auth = DeviceCodeLoginAuthentication()

and I'm stucked on the following error SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)

already searched on countless pages to see if there would be something that helps me in this. no success.

is there any way that we can ignore the SSL verification? Something like requests.get(url,verify=False)

Complete log error below.

---------------------------------------------------------------------------
SSLCertVerificationError                  Traceback (most recent call last)
c:\python39\lib\site-packages\urllib3\connectionpool.py in urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, body_pos, **response_kw)
    698             # Make the request on the httplib connection object.
--> 699             httplib_response = self._make_request(
    700                 conn,

c:\python39\lib\site-packages\urllib3\connectionpool.py in _make_request(self, conn, method, url, timeout, chunked, **httplib_request_kw)
    381         try:
--> 382             self._validate_conn(conn)
    383         except (SocketTimeout, BaseSSLError) as e:

c:\python39\lib\site-packages\urllib3\connectionpool.py in _validate_conn(self, conn)
   1009         if not getattr(conn, "sock", None):  # AppEngine might not have  `.sock`
-> 1010             conn.connect()
   1011 

c:\python39\lib\site-packages\urllib3\connection.py in connect(self)
    410 
--> 411         self.sock = ssl_wrap_socket(
    412             sock=conn,

c:\python39\lib\site-packages\urllib3\util\ssl_.py in ssl_wrap_socket(sock, keyfile, certfile, cert_reqs, ca_certs, server_hostname, ssl_version, ciphers, ssl_context, ca_cert_dir, key_password, ca_cert_data, tls_in_tls)
    427     if send_sni:
--> 428         ssl_sock = _ssl_wrap_socket_impl(
    429             sock, context, tls_in_tls, server_hostname=server_hostname

c:\python39\lib\site-packages\urllib3\util\ssl_.py in _ssl_wrap_socket_impl(sock, ssl_context, tls_in_tls, server_hostname)
    471     if server_hostname:
--> 472         return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
    473     else:

c:\python39\lib\ssl.py in wrap_socket(self, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, session)
    499         # ctx._wrap_socket()
--> 500         return self.sslsocket_class._create(
    501             sock=sock,

c:\python39\lib\ssl.py in _create(cls, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, context, session)
   1039                         raise ValueError("do_handshake_on_connect should not be specified for non-blocking sockets")
-> 1040                     self.do_handshake()
   1041             except (OSError, ValueError):

c:\python39\lib\ssl.py in do_handshake(self, block)
   1308                 self.settimeout(None)
-> 1309             self._sslobj.do_handshake()
   1310         finally:

SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)

During handling of the above exception, another exception occurred:

MaxRetryError                             Traceback (most recent call last)
c:\python39\lib\site-packages\requests\adapters.py in send(self, request, stream, timeout, verify, cert, proxies)
    438             if not chunked:
--> 439                 resp = conn.urlopen(
    440                     method=request.method,

c:\python39\lib\site-packages\urllib3\connectionpool.py in urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, body_pos, **response_kw)
    782             )
--> 783             return self.urlopen(
    784                 method,

c:\python39\lib\site-packages\urllib3\connectionpool.py in urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, body_pos, **response_kw)
    754 
--> 755             retries = retries.increment(
    756                 method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]

c:\python39\lib\site-packages\urllib3\util\retry.py in increment(self, method, url, response, error, _pool, _stacktrace)
    572         if new_retry.is_exhausted():
--> 573             raise MaxRetryError(_pool, url, error or ResponseError(cause))
    574 

MaxRetryError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /organizations/v2.0/.well-known/openid-configuration (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')))

During handling of the above exception, another exception occurred:

SSLError                                  Traceback (most recent call last)
<ipython-input-21-89c3807efee2> in <module>
      6 
      7 # Initiate device authentication
----> 8 device_auth = DeviceCodeLoginAuthentication()

c:\python39\lib\site-packages\powerbiclient\authentication.py in __init__(self, client_id, scopes, tenant)
    109             scopes = DEFAULT_SCOPES
    110         self.scopes = scopes
--> 111         auth_result = self._acquire_token_device_code()
    112         super().__init__(client_id, scopes, self.authority_uri, auth_result)
    113 

c:\python39\lib\site-packages\powerbiclient\authentication.py in _acquire_token_device_code(self)
    118             dict: authentication result
    119         """
--> 120         app = msal.PublicClientApplication(client_id=self.client_id, authority=self.authority_uri)
    121         flow = app.initiate_device_flow(self.scopes)
    122 

c:\python39\lib\site-packages\msal\application.py in __init__(self, client_id, client_credential, **kwargs)
   1294         if client_credential is not None:
   1295             raise ValueError("Public Client should not possess credentials")
-> 1296         super(PublicClientApplication, self).__init__(
   1297             client_id, client_credential=None, **kwargs)
   1298 

c:\python39\lib\site-packages\msal\application.py in __init__(self, client_id, client_credential, authority, validate_authority, token_cache, http_client, verify, proxies, timeout, client_claims, app_name, app_version, client_capabilities, azure_region, exclude_scopes)
    294         # Here the self.authority will not be the same type as authority in input
    295         try:
--> 296             self.authority = Authority(
    297                 authority or "https://login.microsoftonline.com/common/",
    298                 self.http_client, validate_authority=validate_authority)

c:\python39\lib\site-packages\msal\authority.py in __init__(self, authority_url, http_client, validate_authority)
     81                     ))
     82         try:
---> 83             openid_config = tenant_discovery(
     84                 tenant_discovery_endpoint,
     85                 self.http_client)

c:\python39\lib\site-packages\msal\authority.py in tenant_discovery(tenant_discovery_endpoint, http_client, **kwargs)
    140 def tenant_discovery(tenant_discovery_endpoint, http_client, **kwargs):
    141     # Returns Openid Configuration
--> 142     resp = http_client.get(tenant_discovery_endpoint, **kwargs)
    143     if resp.status_code == 200:
    144         payload = json.loads(resp.text)  # It could raise ValueError

c:\python39\lib\site-packages\requests\sessions.py in get(self, url, **kwargs)
    553 
    554         kwargs.setdefault('allow_redirects', True)
--> 555         return self.request('GET', url, **kwargs)
    556 
    557     def options(self, url, **kwargs):

c:\python39\lib\site-packages\requests\sessions.py in request(self, method, url, params, data, headers, cookies, files, auth, timeout, allow_redirects, proxies, hooks, stream, verify, cert, json)
    540         }
    541         send_kwargs.update(settings)
--> 542         resp = self.send(prep, **send_kwargs)
    543 
    544         return resp

c:\python39\lib\site-packages\requests\sessions.py in send(self, request, **kwargs)
    653 
    654         # Send the request
--> 655         r = adapter.send(request, **kwargs)
    656 
    657         # Total elapsed time of the request (approximately)

c:\python39\lib\site-packages\requests\adapters.py in send(self, request, stream, timeout, verify, cert, proxies)
    512             if isinstance(e.reason, _SSLError):
    513                 # This branch is for urllib3 v1.22 and later.
--> 514                 raise SSLError(e, request=request)
    515 
    516             raise ConnectionError(e, request=request)

SSLError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /organizations/v2.0/.well-known/openid-configuration (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')))
droofus commented 1 year ago

I'm not sure if this will help you but I was getting the same error with notes about nbextension. I went ahead and uninstalled per https://github.com/ipython-contrib/jupyter_contrib_nbextensions/issues/1012 and did pip uninstall powerbiclient and reinstalled via pip install powerbiclient and the error disappeared.