Closed weswitt closed 1 year ago
well i just discovered that the error message is in fact correct (of course). the cert has expired. i didn't realize that the UDM uses a different cert for port 443 and 8443. so i need to figure out how to renew the 8443 port cert. i tried adding "verify=False" to the "resp = ses.send(ses.prepare_request(request))" line of code but it has no effect. anyone know how to renew this cert?
ok, i installed my site's wildcard cert for my domain. now when i navigate to the web management ui the browser knows that the site is secure and all is well. however, when i try to connect with unifycontrol i get the exception: "[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain". i know that the cert is NOT self signed. the cert is a wildcard cert purchased from a CA and is valid.
this appears to be an issue with python. i found that using "pip install pip_system_certs" resolves the issue.
I'm trying to get a basic script working that just does a connection. Problem is that it does not like my SSL cert on my UDM. It claims that the cert has expired and will not connect. This does not seem to be true. I can view the cert in the browser or print & decode the cert from the script and see the following.
How can I make this work?
Certificate Information: Common Name: unifi.local Subject Alternative Names: unifi.local, localhost, [::1], IP Address:127.0.0.1, IP Address:FE80:0:0:0:0:0:0:1 Valid From: September 13, 2022 Valid To: December 16, 2024 Serial Number: 77bfabe473a0d81532
My code: import unificontrol client = unificontrol.UnifiClient(host="192.168.10.1", username="myusername", password="my password", site="default")
The error I'm getting is:
Traceback (most recent call last): File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3\connectionpool.py", line 703, in urlopen httplib_response = self._make_request( File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3\connectionpool.py", line 386, in _make_request self._validate_conn(conn) File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3\connectionpool.py", line 1042, in _validate_conn conn.connect() File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3\connection.py", line 414, in connect self.sock = ssl_wrapsocket( File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3\util\ssl.py", line 453, in ssl_wrap_socket ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_intls) File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3\util\ssl.py", line 495, in _ssl_wrap_socket_impl return ssl_context.wrap_socket(sock) File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\ssl.py", line 500, in wrap_socket return self.sslsocket_class._create( File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\ssl.py", line 1040, in _create self.do_handshake() File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\ssl.py", line 1309, in do_handshake self._sslobj.do_handshake() ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:1122)
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\requests\adapters.py", line 489, in send resp = conn.urlopen( File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3\connectionpool.py", line 787, in urlopen retries = retries.increment( File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3\util\retry.py", line 592, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='192.168.10.1', port=8443): Max retries exceeded with url: /api/s/default/stat/guest (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:1122)')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "D:\dev\src\tools\unifi\test.py", line 10, in
clients = client.list_guests(within=24)
File "d:\src\unificontrol\unificontrol\metaprogram.py", line 125, in wrapper
return instance(client, *a, kw)
File "d:\src\unificontrol\unificontrol\metaprogram.py", line 103, in call
return client._execute(url, self._method, rest_dict, need_login=self._need_login)
File "d:\src\unificontrol\unificontrol\unifi.py", line 96, in _execute
resp = ses.send(ses.prepare_request(request))
File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\requests\sessions.py", line 701, in send
r = adapter.send(request, kwargs)
File "C:\Users\wesw\AppData\Local\Programs\Python\Python39\lib\site-packages\requests\adapters.py", line 563, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='192.168.10.1', port=8443): Max retries exceeded with url: /api/s/default/stat/guest (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:1122)')))