self signed certificate in certificate chai

[TomInIowa]

I loved your program ... been using for years. Now it quit a few days ago. Trying to get the new version with client_id, client_secret and refresh_token to work.

In lnetatmo.py I changed just 3 things .... client_id , client_secret, refresh_token

python3 lnetatmo.py ( on mac computer using terminal )

urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727)

error3.txt

[AtsuMiyai]

I think that you need to update your lnetatomo version.

[philippelt]

This error is weird, looks like you are not talking to the right server.

Could you check the content of _BASE_URL ? it should be https://api.netatmo.com/ if you enter in a terminal the command dig +short api.netatmo.com you should get the following results

front-azure.netatmo.net.
51.145.143.28

And if you try the command curl -i https://api.netatmo.com/oauth2/token you should get the following results

HTTP/1.1 400
Server: nginx
Date: Sun, 16 Jul 2023 09:10:43 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, must-revalidate
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Powered-By: Netatmo

{"error":"invalid_request","error_description":"Invalid grant_type parameter or parameter missing"}

The error here is normal, the goal of the test is just to check if you are reaching the appropriate server and that the TLS handshake was successfull.

Check that you don't have a proxy enabled in your network config. Go to network config (clicking on the wifi icon on top right), tcp/ip parameters and Proxy setting. If you are a basic home user, you should not have any proxy enabled...

[TomInIowa]

Thanks for the quick response. I tried the things you suggested... got the response you said I should.

I moved to a different mac computer .. went to https://github.com/philippelt/netatmo-api-python

and downloaded the files. Change just three lines. NOW IT WORKS!!!

Thank you so much. Great coding. I'll try it on the computer where it did NOT work.

---

From: Philippe Larduinat @.> Sent: Sunday, July 16, 2023 4:15 AM To: philippelt/netatmo-api-python @.> Cc: TomInIowa @.>; Author @.> Subject: Re: [philippelt/netatmo-api-python] self signed certificate in certificate chai (Issue #54)

This error is weird, looks like you are not talking to the right server.

Could you check the content of _BASE_URL ? it should be https://api.netatmo.com/ if you enter in a terminal the command dig +short api.netatmo.com you should get the following results

front-azure.netatmo.net. 51.145.143.28

And if you try the command curl -i https://api.netatmo.com/oauth2/token you should get the following results

HTTP/1.1 400 Server: nginx Date: Sun, 16 Jul 2023 09:10:43 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Expires: 0 Cache-Control: no-cache, must-revalidate X-XSS-Protection: 1; mode=block Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=31536000; includeSubDomains X-Powered-By: Netatmo

{"error":"invalid_request","error_description":"Invalid grant_type parameter or parameter missing"}

The error here is normal, the goal of the test is just to check if you are reaching the appropriate server and that the TLS handshake was successfull.

Check that you don't have a proxy enabled in your network config. Go to network config (clicking on the wifi icon on top right), tcp/ip parameters and Proxy setting. If you are a basic home user, you should not have any proxy enabled...

— Reply to this email directly, view it on GitHubhttps://github.com/philippelt/netatmo-api-python/issues/54#issuecomment-1637032728, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHMAOCLUR4P6XIHIEE4TNCLXQOWKLANCNFSM6AAAAAA2LUFUFY. You are receiving this because you authored the thread.Message ID: @.***>

[philippelt]

Great to know you solved the problem.

Don't forget, if you finally locate the original cause to add a comment to explain what happened as it may help someone else facing same kind of issue !

[TomInIowa]

I copied the lnetatmo.py file (that works on one mac computer) back to the mac I started on. It does NOT work. I have something messed up on it.

[philippelt]

Did you check the proxy setting ? I have seen in the past a Mac infected by a malware that implemented a proxy to capture ip traffic...

This could lead to such error

[TomInIowa]

I was running python 3.8

I removed it

Had python 3.7 left

tried it..... IT works

install python 3.11 and it quit working

removed the frameworks/....version 3.11 folder

python3 --version 3.7.3 it works again

[philippelt]

You said it quit working, do you mean it worked ?

Good news it was just a mess in the python install, easy to sort out...

[philippelt]

I am using it with python 3.10. It should work fine with python 3.11

enjoy

[TomInIowa]

I installed python 3.11 two different ways .... once using homebrew (which took a long time) and. once from python org website. Both times , lnetatmo.py quit working. I'm on mac computer running Ventura 13.4.1 Going back to python 3.7. (if I can)

[philippelt]

Interesting, if I can find some time, I will give it a try on my Mac tomorrow. Usually, I install from python.org

You don't get any error message ?

[philippelt]

I just did the test... and got the same result as you at the first run.

This is due to a restriction in the python installer. It doesn't update the root certificates for python openssl. There is a shell script provided by the installer : /Applications/Python\ 3.11/Install\ Certificates.command Just run it and it will fix the problem !

I should have remember that, I did that also for the previous python mac install 😄

But today, for most computer/programming work, I am using an Ubuntu Desktop workstation and server thus I am less frequently doing things like that on my Macs that are mainly used for office/photo work.

P.S. For more details, look at https://github.com/actions/setup-python/issues/512 and https://github.com/actions/python-versions/pull/189