All Apps and Add-ons

How to Disable SSL Validation in Gitlab Add-on?

iparitosh
Path Finder

I am facing following error while trying to collect logs from gitlab add on. Can anyone help me disable it. Changing the verify=True to False tor Http request function in base_modinput.py did not help as suggested on other similar question on this issue.

2020-03-31 11:33:18,582 ERROR pid=793 tid=MainThread file=base_modinput.py:log_error:307 | Get error when collecting events.
Traceback (most recent call last):
  File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/modinput_wrapper/base_modinput.py", line 127, in stream_events
    self.collect_events(ew)
  File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/get_events.py", line 72, in collect_events
    input_module.collect_events(self, ew)
  File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/input_module_get_events.py", line 166, in collect_events
    headers=headers)
  File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/modinput_wrapper/base_modinput.py", line 476, in send_http_request
    proxy_uri=self._get_proxy_uri() if use_proxy else None)
  File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/splunk_aoblib/rest_helper.py", line 43, in send_http_request
    return self.http_session.request(method, url, **requests_args)
  File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/requests/sessions.py", line 488, in request
    resp = self.send(prep, **send_kwargs)
  File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/requests/sessions.py", line 609, in send
    r = adapter.send(request, **kwargs)
  File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/requests/adapters.py", line 497, in send
    raise SSLError(e, request=request)
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:741)
0 Karma

PavelP
Motivator

Hello iparitosh,

even if there is a way to disable certificate validation, I suggest first to try to set your local certificate root storage. To confirm that this is a root storage related issue please try this command in shell:

curl -v https://githab.com

if you see a certificate validation error message then you need to update your root certificate storage (google "update ca-certificates your-linux-distro-name-and-version")

if you can connect to https://gitlab.com using curl without problem then it is not a cert root storage issue and you have to check other things.

0 Karma
Get Updates on the Splunk Community!

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

This is the fourth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how ...