I am facing following error while trying to collect logs from gitlab add on. Can anyone help me disable it. Changing the verify=True to False tor Http request function in base_modinput.py did not help as suggested on other similar question on this issue.
2020-03-31 11:33:18,582 ERROR pid=793 tid=MainThread file=base_modinput.py:log_error:307 | Get error when collecting events.
Traceback (most recent call last):
File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/modinput_wrapper/base_modinput.py", line 127, in stream_events
self.collect_events(ew)
File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/get_events.py", line 72, in collect_events
input_module.collect_events(self, ew)
File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/input_module_get_events.py", line 166, in collect_events
headers=headers)
File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/modinput_wrapper/base_modinput.py", line 476, in send_http_request
proxy_uri=self._get_proxy_uri() if use_proxy else None)
File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/splunk_aoblib/rest_helper.py", line 43, in send_http_request
return self.http_session.request(method, url, **requests_args)
File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/requests/sessions.py", line 488, in request
resp = self.send(prep, **send_kwargs)
File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/requests/sessions.py", line 609, in send
r = adapter.send(request, **kwargs)
File "/base/splunk/etc/apps/TA-gitlab-add-on/bin/ta_gitlab_add_on/requests/adapters.py", line 497, in send
raise SSLError(e, request=request)
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:741)
Hello iparitosh,
even if there is a way to disable certificate validation, I suggest first to try to set your local certificate root storage. To confirm that this is a root storage related issue please try this command in shell:
curl -v https://githab.com
if you see a certificate validation error message then you need to update your root certificate storage (google "update ca-certificates your-linux-distro-name-and-version")
if you can connect to https://gitlab.com using curl without problem then it is not a cert root storage issue and you have to check other things.