Archive

How to resolve error SSL: CERTIFICATE_VERIFY_FAILED?

Explorer

Hello All,

Received below error while configuring Mimecast app for Splunkv2.

message from "python "D:\Program Files\Splunk\etc\apps\Splunk_TA_mimecast_for_splunk_v2\bin\Splunk_TA_mimecast_for_splunk_v2.py"" Unexpected error getting base url. Cannot continue.[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:595)

Appreciate any help to resolve this error.

0 Karma
1 Solution

Motivator

Try with bypassing the proxy URL. it will work

View solution in original post

Motivator

Try with bypassing the proxy URL. it will work

View solution in original post

Explorer

@logloganathan can you clarify more, how to achieve this?

am running a.py from splunk-sdk examples and get this error:
File "C:\Python27\Lib\ssl.py", line 840, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

Builder

I haven't used this app before, but behind the scenes it's using python requests to make web calls to something. In it, it's going to try and do certificate verification on the remote URL (verify=true by default). You have two options 1) verify the endpoints it's hitting have valid certificates that your splunk server trusts or 2) modify Splunk_TA_mimecast_for_splunk_v2.py, making sure any line that says requests.post or requests.get has a parameter verify=False. (e.g. line 196: r = requests.post(url='https:...', verify=false). See: http://docs.python-requests.org/en/master/user/advanced/

SplunkTrust
SplunkTrust

You should post the "verify=False" as an answer so it can be accepted and up-voted!

Thank you!

0 Karma

Explorer

How do I do this on windows please?

0 Karma

Builder

Should be able to just open the python file mentioned in a text editor and save it. Then restart the Splunk service.

0 Karma

Explorer

Thank you very much. I think this too can resolve this error but for now I have resolved by bypassing the SSL inspection for the URL on the proxy that we use.

0 Karma

SplunkTrust
SplunkTrust

Please answer and accept so the case can be closed 🙂

This is a very common issue, another trick is to find the cacerts (or cacerts.pem) or similar inside the app and add your custom-SSL certs into that.
However it will be lost on the next upgrade of the application...(so proxy SSL bypass is always better!)

State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!