microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
MIT License

Unknown error: 'Exception Creating Socket: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108) #636

Open painsAgains opened 2 years ago

painsAgains commented 2 years ago

Description

Hello! When I use fuzz-lean mode to test a service that requires authentication, I succeed.

dotnet "../restler_bin/restler/Restler.dll" fuzz-lean --grammar_file "./Compile/grammar.py" --dictionary_file "./Compile/dict.json" --settings "./Compile/engine_settings.json"

I have also tried the --no_ssl option, but they are all invalid requests.

[image]

When I checked the network-testing log file, I found every single request received an error message as:

[image]

At first I thought the service IP or the authentication file was wrong, but when I used the curl command, I succeeded.

curl -k --cert /etc/service/pki/xxxx.crt --key /etc/service/pki/xxxx.key https://xxxx:6443/api/v1

[image]

My engine_settings.json is as follows:

{
  "per_resource_settings": {},
  "max_combinations": 20,
  "client_certificate_path":"/etc/service/pki/xxx.crt",
  "client_certificate_key_path":"/etc/service/pki/xxxx.key",
  "host":"xxxx:6443"
}

I really can't figure out what went wrong, so if someone can solve my problem, I would be very grateful. Thanks!

painsAgains commented 2 years ago

I reset the host field in the API spec rather than in the settings file, and retried. The above problem was solved, but I encountered a new problem:

[image]

I know it's a problem with Python lacking certificate authentication, but I don't know where to add the certificate from (I've specified the path to the certificate in the settings file, do I need to add it again?).

HarshithaKishorBosch commented 4 months ago

Hello, could you please let me know if you were able to fix this issue? I'm facing the same issue too.

[image]

Thank you
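
`CERTIFICATE_VERIFY_FAILED ... unable to get local issuer certificate` is raised by Python's `ssl` module when the server's chain cannot be tied to a trusted CA, a check that `curl -k` skips and that the client certificate and key do not influence. The sketch below is an added example in plain Python, not RESTler code and not from this thread; `build_context`, `probe` and the `ca_file` parameter are names assumed for illustration.

```python
import socket
import ssl


def build_context(ca_file=None, client_cert=None, client_key=None, verify=True):
    """Build a client-side TLS context.

    client_cert/client_key prove *our* identity to the server (curl --cert/--key).
    ca_file is the trust anchor used to verify the *server* chain; when it is
    None the system trust store is used. verify=False mirrors curl -k.
    """
    ctx = ssl.create_default_context(cafile=ca_file)  # CERT_REQUIRED + hostname check
    if client_cert:
        ctx.load_cert_chain(certfile=client_cert, keyfile=client_key)
    if not verify:
        # Disables server authentication entirely; isolated test setups only.
        ctx.check_hostname = False  # must be cleared before CERT_NONE is allowed
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def probe(host, port, ctx, timeout=5.0):
    """Attempt one TLS handshake and classify the outcome as a short string."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return f"ok: {tls.version()}"
    except ssl.SSLCertVerificationError as exc:
        # The failure from the issue title: the server chain is not trusted.
        return f"server certificate not trusted: {exc.verify_message}"
    except ssl.SSLError as exc:
        # Other handshake failures, e.g. the server rejecting the client cert.
        return f"tls error: {exc.reason}"
    except OSError as exc:
        return f"connect error: {exc}"


# Usage sketch (host and file paths are placeholders, not values from the thread):
#   ctx = build_context(ca_file="/path/to/issuing-ca.crt",
#                       client_cert="/path/to/client.crt",
#                       client_key="/path/to/client.key")
#   print(probe("service.example", 6443, ctx))
```

If `probe` reports an untrusted server certificate with the system store but succeeds once `ca_file` points at the issuing CA, the missing piece is the server's CA rather than the client certificate.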