pwn0sec / PwnXSS

PwnXSS: Vulnerability (XSS) scanner exploit
MIT License

SSL failed: certificate has expired #36

Open FIXERMAN opened 8 months ago

FIXERMAN commented 8 months ago

[20:42:01] [CRITICAL] Internal error: HTTPSConnectionPool(host='cfm.etisalat.ae', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:1007)')))
Traceback (most recent call last):
  File "/home/fixer/.local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 597, in urlopen
    httplib_response = self._make_request(conn, method, url,
  File "/home/fixer/.local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 343, in _make_request
    self._validate_conn(conn)
  File "/home/fixer/.local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 839, in _validate_conn
    conn.connect()
  File "/home/fixer/.local/lib/python3.10/site-packages/urllib3/connection.py", line 337, in connect
    self.sock = ssl_wrap_socket(
  File "/home/fixer/.local/lib/python3.10/site-packages/urllib3/util/ssl_.py", line 345, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/usr/lib/python3.10/ssl.py", line 513, in wrap_socket
    return self.sslsocket_class._create(
  File "/usr/lib/python3.10/ssl.py", line 1071, in _create
    self.do_handshake()
  File "/usr/lib/python3.10/ssl.py", line 1342, in do_handshake
    self._sslobj.do_handshake()

how can I get around this? type -from -do not check certificate

nabab47 commented 5 months ago

I'm actively coming up against this same thing on a web server using a self-signed certificate. I don't know if there is actively a flag you can set to do this, however, my attack plan is to change all of the requests calls to use the parameter verify=False which should bypass the self-signed cert failure. Hope this helps!

mothballs-x commented 3 months ago

> I'm actively coming up against this same thing on a web server using a self-signed certificate. I don't know if there is actively a flag you can set to do this, however, my attack plan is to change all of the requests calls to use the parameter verify=False which should bypass the self-signed cert failure. Hope this helps!

Did you end up doing this? Was going to try this, but I foresee it being a bit of a pain in the ass...

nabab47 commented 3 months ago

> > I'm actively coming up against this same thing on a web server using a self-signed certificate. I don't know if there is actively a flag you can set to do this, however, my attack plan is to change all of the requests calls to use the parameter verify=False which should bypass the self-signed cert failure. Hope this helps!
>
> Did you end up doing this? Was going to try this, but I foresee it being a bit of a pain in the ass...

I did and while yes a pain in the butt, I was able to get through all the changes in about 30 minutes with Ctrl + F. It does work after doing this though so worth it I suppose.

mothballs-x commented 3 months ago

> > > I'm actively coming up against this same thing on a web server using a self-signed certificate. I don't know if there is actively a flag you can set to do this, however, my attack plan is to change all of the requests calls to use the parameter verify=False which should bypass the self-signed cert failure. Hope this helps!
> >
> > Did you end up doing this? Was going to try this, but I foresee it being a bit of a pain in the ass...
>
> I did and while yes a pain in the butt, I was able to get through all the changes in about 30 minutes with Ctrl + F. It does work after doing this though so worth it I suppose.

Did you only have to change all the .get() and .post() request session object methods or were there others that one might not expect? Times like these I wish I was a sed/awk master, or that I could get certifi to do something like this.

Spent way too much time trying to set up an nginx rev-proxy to trick PwnXSS into trusting my test lab cert, but I think the concept was wrong-headed from the start.
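
For the self-signed lab certificate case discussed in the comments above, an added example (not code from PwnXSS or from any commenter) of keeping verification on: merge the lab certificate into a CA bundle and point requests at it with the `REQUESTS_CA_BUNDLE` environment variable, so no call sites are edited. It assumes the tool leaves `verify` at its default and that the lab certificate is available as a PEM file; the script and file names are hypothetical.

```python
import base64
import os
import re
import ssl
import sys

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----\s*(.+?)\s*-----END CERTIFICATE-----", re.S)


def pem_certs(path):
    """Return each certificate in a PEM file, normalised to canonical PEM."""
    # PEM payloads are ASCII; ignoring other bytes drops only bundle comments.
    with open(path, encoding="ascii", errors="ignore") as f:
        bodies = PEM_RE.findall(f.read())
    # validate=True rejects stray characters instead of silently skipping them.
    return [ssl.DER_cert_to_PEM_cert(
                base64.b64decode("".join(b.split()), validate=True))
            for b in bodies]


def build_bundle(base_path, lab_cert_path, out_path):
    """Write the base CAs plus the lab certificate(s); return the cert count."""
    base = pem_certs(base_path)
    lab = pem_certs(lab_cert_path)
    if not lab:
        raise ValueError(f"no PEM certificate found in {lab_cert_path}")
    merged = base + [c for c in lab if c not in base]  # skip already-trusted certs
    with open(out_path, "w", encoding="ascii") as f:
        f.write("".join(merged))
    return len(merged)


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: trust_lab_cert.py LAB_CERT.pem COMBINED_OUT.pem")
    lab_cert, out = sys.argv[1], sys.argv[2]
    try:
        import certifi  # the CA bundle requests uses by default
        base = certifi.where()
    except ImportError:
        base = (ssl.get_default_verify_paths().cafile
                or sys.exit("no base CA bundle found; install certifi"))
    print(f"{build_bundle(base, lab_cert, out)} certificates written to {out}")
    # requests reads this variable at request time when verify is left at its default
    print(f"export REQUESTS_CA_BUNDLE={os.path.abspath(out)}")
```

This does not help with the expired certificate in the original report: an expired certificate fails validation even when it is in the trust bundle.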