Solved: How to resolve error SSL: CERTIFICATE_VERIFY_FAILE...

swapsplunk236 · ‎03-16-2018

Hello All,

Received below error while configuring Mimecast app for Splunkv2.

message from "python "D:\Program Files\Splunk\etc\apps\Splunk_TA_mimecast_for_splunk_v2\bin\Splunk_TA_mimecast_for_splunk_v2.py"" Unexpected error getting base url. Cannot continue.[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:595)

Appreciate any help to resolve this error.

logloganathan · ‎03-21-2018

Try with bypassing the proxy URL. it will work

View solution in original post

logloganathan · ‎03-21-2018

Try with bypassing the proxy URL. it will work

ctxrag · ‎03-28-2018

@logloganathan can you clarify more, how to achieve this?

am running a.py from splunk-sdk examples and get this error:
File "C:\Python27\Lib\ssl.py", line 840, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

hortonew · ‎03-16-2018

I haven't used this app before, but behind the scenes it's using python requests to make web calls to something. In it, it's going to try and do certificate verification on the remote URL (verify=true by default). You have two options 1) verify the endpoints it's hitting have valid certificates that your splunk server trusts or 2) modify Splunk_TA_mimecast_for_splunk_v2.py, making sure any line that says requests.post or requests.get has a parameter verify=False. (e.g. line 196: r = requests.post(url='https:...', verify=false). See: http://docs.python-requests.org/en/master/user/advanced/

marycordova · ‎03-26-2018

You should post the "verify=False" as an answer so it can be accepted and up-voted!

Thank you!

@marycordova

ctxrag · ‎03-28-2018

How do I do this on windows please?

hortonew · ‎03-28-2018

Should be able to just open the python file mentioned in a text editor and save it. Then restart the Splunk service.

swapsplunk236 · ‎03-21-2018

Thank you very much. I think this too can resolve this error but for now I have resolved by bypassing the SSL inspection for the URL on the proxy that we use.

gjanders · ‎03-21-2018

Please answer and accept so the case can be closed 🙂

This is a very common issue, another trick is to find the cacerts (or cacerts.pem) or similar inside the app and add your custom-SSL certs into that.
However it will be lost on the next upgrade of the application...(so proxy SSL bypass is always better!)

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud

How to resolve error SSL: CERTIFICATE_VERIFY_FAILED?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Join the Conversation