All Apps and Add-ons

How to resolve error SSL: CERTIFICATE_VERIFY_FAILED?

swapsplunk236
Explorer

Hello All,

Received below error while configuring Mimecast app for Splunkv2.

message from "python "D:\Program Files\Splunk\etc\apps\Splunk_TA_mimecast_for_splunk_v2\bin\Splunk_TA_mimecast_for_splunk_v2.py"" Unexpected error getting base url. Cannot continue.[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:595)

Appreciate any help to resolve this error.

0 Karma
1 Solution

logloganathan
Motivator

Try with bypassing the proxy URL. it will work

View solution in original post

logloganathan
Motivator

Try with bypassing the proxy URL. it will work

ctxrag
Explorer

@logloganathan can you clarify more, how to achieve this?

am running a.py from splunk-sdk examples and get this error:
File "C:\Python27\Lib\ssl.py", line 840, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

hortonew
Builder

I haven't used this app before, but behind the scenes it's using python requests to make web calls to something. In it, it's going to try and do certificate verification on the remote URL (verify=true by default). You have two options 1) verify the endpoints it's hitting have valid certificates that your splunk server trusts or 2) modify Splunk_TA_mimecast_for_splunk_v2.py, making sure any line that says requests.post or requests.get has a parameter verify=False. (e.g. line 196: r = requests.post(url='https:...', verify=false). See: http://docs.python-requests.org/en/master/user/advanced/

marycordova
SplunkTrust
SplunkTrust

You should post the "verify=False" as an answer so it can be accepted and up-voted!

Thank you!

@marycordova
0 Karma

ctxrag
Explorer

How do I do this on windows please?

0 Karma

hortonew
Builder

Should be able to just open the python file mentioned in a text editor and save it. Then restart the Splunk service.

0 Karma

swapsplunk236
Explorer

Thank you very much. I think this too can resolve this error but for now I have resolved by bypassing the SSL inspection for the URL on the proxy that we use.

0 Karma

gjanders
SplunkTrust
SplunkTrust

Please answer and accept so the case can be closed 🙂

This is a very common issue, another trick is to find the cacerts (or cacerts.pem) or similar inside the app and add your custom-SSL certs into that.
However it will be lost on the next upgrade of the application...(so proxy SSL bypass is always better!)

Get Updates on the Splunk Community!

Splunk Observability Cloud | Unified Identity - Now Available for Existing Splunk ...

Raise your hand if you’ve already forgotten your username or password when logging into an account. (We can’t ...

Index This | How many sides does a circle have?

February 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

Registration for Splunk University is Now Open!

Are you ready for an adventure in learning?   Brace yourselves because Splunk University is back, and it's ...