pyArango icon indicating copy to clipboard operation
pyArango copied to clipboard

Published 20 hours ago verified publisher icon ArangoDB-Community

Connect to SSL server

Open cer1969 opened this issue 7 years ago • 6 comments

I have arangodb running on ssl protected server. Admin interface is running ok.

When I try to connect using: conn = Connection(arangoURL="https://www.test.com:12345", username="root", password="password")

(python 3.5 on windows 7)

I got an SSL error: ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)

complete traceback:

Traceback (most recent call last):
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\packages\urllib3\connectionpool.py", line 595, in urlopen
    chunked=chunked)
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\packages\urllib3\connectionpool.py", line 352, in _make_request
    self._validate_conn(conn)
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\packages\urllib3\connectionpool.py", line 831, in _validate_conn
===
Unable to establish connection, perhaps arango is not running.
===
    conn.connect()
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\packages\urllib3\connection.py", line 289, in connect
    ssl_version=resolved_ssl_version)
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\packages\urllib3\util\ssl_.py", line 308, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "C:\Users\crecheverria\Apps\WinPython\64bit-3.5.1.1\python-3.5.1.amd64\lib\ssl.py", line 376, in wrap_socket
    _context=self)
  File "C:\Users\crecheverria\Apps\WinPython\64bit-3.5.1.1\python-3.5.1.amd64\lib\ssl.py", line 747, in __init__
    self.do_handshake()
  File "C:\Users\crecheverria\Apps\WinPython\64bit-3.5.1.1\python-3.5.1.amd64\lib\ssl.py", line 983, in do_handshake
    self._sslobj.do_handshake()
  File "C:\Users\crecheverria\Apps\WinPython\64bit-3.5.1.1\python-3.5.1.amd64\lib\ssl.py", line 628, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\adapters.py", line 423, in send
    timeout=timeout
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\packages\urllib3\connectionpool.py", line 621, in urlopen
    raise SSLError(e)
requests.packages.urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
  File "c:\Users\crecheverria\Devel\SGOT\fallas\v_python\arangodb3\test_02.py", line 13, in <module>
    conn = Connection(arangoURL="https://arango.xer.cl:22754", username="root", password="calipso01")
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\pyArango\connection.py", line 103, in __init__
    self.reload()
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\pyArango\connection.py", line 120, in reload
    r = self.session.get(self.databasesURL)
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\pyArango\connection.py", line 38, in __call__
    ret = self.fct(*args, **kwargs)
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\sessions.py", line 488, in get
    return self.request('GET', url, **kwargs)
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\sessions.py", line 475, in request
    resp = self.send(prep, **send_kwargs)
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\sessions.py", line 596, in send
    r = adapter.send(request, **kwargs)
  File "C:\Users\crecheverria\Devel\z_venvs\py64-3.5.1-gen\lib\site-packages\requests\adapters.py", line 497, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)

cer1969 avatar Sep 07 '16 13:09 cer1969

Getting the same Error, I guess it is because your SSL Certificate is Self-Signed/Not-Trusted?

Would be great if we could get some verify true/false option!

master117 avatar Dec 14 '16 09:12 master117

i have the same problems to. anyone can solved that Error?

Thankyou,

yogi0421 avatar Feb 06 '20 12:02 yogi0421

Hi, everyone I think that adding cafiile parameter would be better than just skkipping certificate verification

alexxkn avatar May 09 '20 11:05 alexxkn

As the lib rely on requests, you can set the REQUESTS_CA_BUNDLE environment variable to provide a CA bundle.

os.environ["REQUESTS_CA_BUNDLE"]=bundle_file.crt

gggard avatar Oct 16 '20 13:10 gggard

As the lib rely on requests, you can set the REQUESTS_CA_BUNDLE environment variable to provide a CA bundle.

os.environ["REQUESTS_CA_BUNDLE"]=bundle_file.crt

IMHO I think is a little awkward to set the certificate as a global env variable specifically for Request lib. ArangoConnectionBuilder should provide a way to set the file location or the cert content, then use it in the session context.

cristiansteib avatar Nov 24 '20 02:11 cristiansteib

I am also seeing this issue. Any resolution to this problem? Thanks

sjamal1 avatar Jun 02 '21 15:06 sjamal1