Closed shannaniggans closed 7 months ago
Needed to add in the ssl cert verify to be able to connect to a MISP instance over SSL with a self signed cert.
Error previously:
yeti-tasks | [2024-03-21 04:16:44,631: INFO/MainProcess] Task core.taskscheduler.run_task[84b04add-de62-461a-8a79-ba39b675ea13] received yeti-tasks | [2024-03-21 04:16:44,636: INFO/MainProcess] Running task MispFeed (TaskType.feed) yeti-tasks | [2024-03-21 04:16:44,680: ERROR/MainProcess] Traceback (most recent call last): yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/connectionpool.py", line 467, in _make_request yeti-tasks | self._validate_conn(conn) yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/connectionpool.py", line 1099, in _validate_conn yeti-tasks | conn.connect() yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/connection.py", line 653, in connect yeti-tasks | sock_and_verified = _ssl_wrap_socket_and_match_hostname( yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/connection.py", line 806, in _ssl_wrap_socket_and_match_hostname yeti-tasks | ssl_sock = ssl_wrap_socket( yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/util/ssl_.py", line 465, in ssl_wrap_socket yeti-tasks | ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls, server_hostname) yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/util/ssl_.py", line 509, in _ssl_wrap_socket_impl yeti-tasks | return ssl_context.wrap_socket(sock, server_hostname=server_hostname) yeti-tasks | File "/usr/local/lib/python3.10/ssl.py", line 513, in wrap_socket yeti-tasks | return self.sslsocket_class._create( yeti-tasks | File "/usr/local/lib/python3.10/ssl.py", line 1104, in _create yeti-tasks | self.do_handshake() yeti-tasks | File "/usr/local/lib/python3.10/ssl.py", line 1375, in do_handshake yeti-tasks | self._sslobj.do_handshake() yeti-tasks | ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007) yeti-tasks | yeti-tasks | During handling of the above exception, another exception occurred: yeti-tasks | yeti-tasks | Traceback (most recent call last): yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/connectionpool.py", line 793, in urlopen yeti-tasks | response = self._make_request( yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/connectionpool.py", line 491, in _make_request yeti-tasks | raise new_e yeti-tasks | urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007) yeti-tasks | yeti-tasks | The above exception was the direct cause of the following exception: yeti-tasks | yeti-tasks | Traceback (most recent call last): yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/requests/adapters.py", line 486, in send yeti-tasks | resp = conn.urlopen( yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/connectionpool.py", line 847, in urlopen yeti-tasks | retries = retries.increment( yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/urllib3/util/retry.py", line 515, in increment yeti-tasks | raise MaxRetryError(_pool, url, reason) from reason # type: ignore[arg-type] yeti-tasks | urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='192.168.50.66', port=443): Max retries exceeded with url: /servers/getVersion (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007)'))) yeti-tasks | yeti-tasks | During handling of the above exception, another exception occurred: yeti-tasks | yeti-tasks | Traceback (most recent call last): yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/pymisp/api.py", line 202, in __init__ yeti-tasks | response = self.recommended_pymisp_version yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/pymisp/api.py", line 270, in recommended_pymisp_version yeti-tasks | misp_version = self.misp_instance_version yeti-tasks | File "/usr/local/lib/python3.10/functools.py", line 981, in __get__ yeti-tasks | val = self.func(instance) yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/pymisp/api.py", line 299, in misp_instance_version yeti-tasks | response = self._prepare_request('GET', 'servers/getVersion') yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/pymisp/api.py", line 3792, in _prepare_request yeti-tasks | return self.__session.send(prepped, timeout=self.timeout, **settings) yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/requests/sessions.py", line 703, in send yeti-tasks | r = adapter.send(request, **kwargs) yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/requests/adapters.py", line 517, in send yeti-tasks | raise SSLError(e, request=request) yeti-tasks | requests.exceptions.SSLError: HTTPSConnectionPool(host='192.168.50.66', port=443): Max retries exceeded with url: /servers/getVersion (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007)'))) yeti-tasks | yeti-tasks | During handling of the above exception, another exception occurred: yeti-tasks | yeti-tasks | Traceback (most recent call last): yeti-tasks | File "/app/core/taskmanager.py", line 79, in run_task yeti-tasks | task.run() yeti-tasks | File "/app/plugins/feeds/public/misp.py", line 89, in run yeti-tasks | self.get_organisations(instance) yeti-tasks | File "/app/plugins/feeds/public/misp.py", line 39, in get_organisations yeti-tasks | misp_client = PyMISP(url=instance["url"], key=instance["key"]) yeti-tasks | File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/pymisp/api.py", line 234, in __init__ yeti-tasks | raise PyMISPError(f'Unable to connect to MISP ({self.root_url}). Please make sure the API key and the URL are correct (http/https is required): {e}') yeti-tasks | pymisp.exceptions.PyMISPError: Unable to connect to MISP (https://x.x.x.x/). Please make sure the API key and the URL are correct (http/https is required): HTTPSConnectionPool(host='x.x.x.x', port=443): Max retries exceeded with url: /servers/getVersion (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1007)')))
Needed to add in the ssl cert verify to be able to connect to a MISP instance over SSL with a self signed cert.
Error previously: