virustotal-api
virustotal-api copied to clipboard
blacktop
Using the api from behind a SSL proxy
How to use from behind a proxy server.
print(json.dumps(response, sort_keys=False, indent=4)) { "error": "HTTPSConnectionPool(host='www.virustotal.com', port=443): Max retries exceeded with url: /vtapi/v2/file/report?apikey=xxxcutxxx&resource=xxxcutxxx (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1045)')))" }
Hey @tessem, I don't believe this is an issue with the library. Your proxy server's SSL certificate is not able to be validated by Python's certificate bundle. This is a common issue in Python when using requests/urllib against endpoints that have certificates signed by internal certificate authorities.
from __future__ import print_function
import json
import hashlib
from virus_total_apis import PublicApi as VirusTotalPublicApi
API_KEY = 'Sign-Up for API Key at virustotal.com'
EICAR = "X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*".encode('utf-8')
EICAR_MD5 = hashlib.md5(EICAR).hexdigest()
proxies = {
'http': 'http://10.10.1.10:3128',
'https': 'http://10.10.1.10:1080',
}
vt = VirusTotalPublicApi(API_KEY, proxies=proxies)
response = vt.get_file_report(EICAR_MD5)
print(json.dumps(response, sort_keys=False, indent=4))
But @KadenLNelson is correct, if after you appy your proxy settings if it is still not working its because we don't support disabling ssl verification, but we could if need be.
@KadenLNelson it would just require adding support to pass through to requests' verify=False flag.
Or you could make sure the system you are running on can trust/verify your proxy's cert as well.
