All Apps and Add-ons
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to resolve error SSL: CERTIFICATE_VERIFY_FAILED?

swapsplunk236
Explorer
‎03-16-2018 03:07 AM

Hello All,

Received below error while configuring Mimecast app for Splunkv2.

message from "python "D:\Program Files\Splunk\etc\apps\Splunk_TA_mimecast_for_splunk_v2\bin\Splunk_TA_mimecast_for_splunk_v2.py"" Unexpected error getting base url. Cannot continue.[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:595)

Appreciate any help to resolve this error.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

logloganathan
Motivator
‎03-21-2018 02:08 AM

Try with bypassing the proxy URL. it will work

View solution in original post

Reply
Solved! Jump to solution
Solution

logloganathan
Motivator
‎03-21-2018 02:08 AM

Try with bypassing the proxy URL. it will work

Reply
Solved! Jump to solution

ctxrag
Explorer
‎03-28-2018 06:52 AM

@logloganathan can you clarify more, how to achieve this?

am running a.py from splunk-sdk examples and get this error:
File "C:\Python27\Lib\ssl.py", line 840, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

Reply
Solved! Jump to solution

hortonew
Builder
‎03-16-2018 02:20 PM

I haven't used this app before, but behind the scenes it's using python requests to make web calls to something. In it, it's going to try and do certificate verification on the remote URL (verify=true by default). You have two options 1) verify the endpoints it's hitting have valid certificates that your splunk server trusts or 2) modify Splunk_TA_mimecast_for_splunk_v2.py, making sure any line that says requests.post or requests.get has a parameter verify=False. (e.g. line 196: r = requests.post(url='https:...', verify=false). See: http://docs.python-requests.org/en/master/user/advanced/

Reply
Solved! Jump to solution

marycordova
SplunkTrust
SplunkTrust
‎03-26-2018 01:29 PM

You should post the "verify=False" as an answer so it can be accepted and up-voted!

Thank you!

@marycordova
0 Karma
Reply
Solved! Jump to solution

ctxrag
Explorer
‎03-28-2018 08:33 AM

How do I do this on windows please?

0 Karma
Reply
Solved! Jump to solution

hortonew
Builder
‎03-28-2018 08:45 AM

Should be able to just open the python file mentioned in a text editor and save it. Then restart the Splunk service.

0 Karma
Reply
Solved! Jump to solution

swapsplunk236
Explorer
‎03-21-2018 12:23 AM

Thank you very much. I think this too can resolve this error but for now I have resolved by bypassing the SSL inspection for the URL on the proxy that we use.

0 Karma
Reply
Solved! Jump to solution

gjanders
SplunkTrust
SplunkTrust
‎03-21-2018 01:05 AM

Please answer and accept so the case can be closed 🙂

This is a very common issue, another trick is to find the cacerts (or cacerts.pem) or similar inside the app and add your custom-SSL certs into that.
However it will be lost on the next upgrade of the application...(so proxy SSL bypass is always better!)

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud
Reply
Get Updates on the Splunk Community!

Fueling your curiosity with new Splunk ILT and eLearning courses

At Splunk Education, we’re driven by curiosity—both ours and yours! That’s why we’re committed to delivering ...

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Splunk AI Assistant for SPL has transformed how users interact with Splunk, making it easier than ever to ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureOn Demand Now Step boldly into the AI revolution with enhanced security ...
Top