Hi,

i have installed Ivanti ISM Add-On but the connection doesn't work.

The log file says

2020-07-15 11:00:33,680 INFO pid=23511 tid=MainThread file=setup_util.py:log_info:117 | Log level is not set, use default INFO
2020-07-15 11:00:33,680 INFO pid=23511 tid=MainThread file=setup_util.py:log_info:117 | Log level is not set, use default INFO
2020-07-15 11:00:33,681 INFO pid=23511 tid=MainThread file=base_modinput.py:log_info:295 | {"tenant": "XXXXXXX/login.aspx", "username": "XXX", "password": "XXX", "role": "Service Desk Analyst"}
2020-07-15 11:00:33,698 ERROR pid=23511 tid=MainThread file=base_modinput.py:log_error:309 | Get error when collecting events.
Traceback (most recent call last):
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connectionpool.py", line 672, in urlopen
chunked=chunked,
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connectionpool.py", line 376, in _make_request
self._validate_conn(conn)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connectionpool.py", line 994, in _validate_conn
conn.connect()
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connection.py", line 394, in connect
ssl_context=context,
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/util/ssl_.py", line 370, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/opt/splunk/lib/python3.7/ssl.py", line 423, in wrap_socket
session=session
File "/opt/splunk/lib/python3.7/ssl.py", line 870, in _create
self.do_handshake()
File "/opt/splunk/lib/python3.7/ssl.py", line 1139, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/adapters.py", line 449, in send
timeout=timeout
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connectionpool.py", line 720, in urlopen
method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/util/retry.py", line 436, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='XXXXXXX', port=443): Max retries exceeded with url: /login.aspx/api/rest/authentication/login (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/modinput_wrapper/base_modinput.py", line 128, in stream_events
self.collect_events(ew)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ism_service_requests_input.py", line 64, in collect_events
input_module.collect_events(self, ew)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/input_module_ism_service_requests_input.py", line 44, in collect_events
auth_token = ism.authenticate(base_url=opt_tenant,username=opt_username,password=opt_password,role=opt_role, api_key=opt_api_key, helper=helper, verify=opt_verify)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ism.py", line 91, in authenticate
response = requests.post(base_url + '/api/rest/authentication/login',data=json.dumps(payload),headers=headers,verify=verify)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/api.py", line 116, in post
return request('post', url, data=data, json=json, **kwargs)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='XXXXXXXX', port=443): Max retries exceeded with url: /login.aspx/api/rest/authentication/login (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)')))

2020-07-15 11:00:55,594 INFO pid=23822 tid=MainThread file=setup_util.py:log_info:117 | Log level is not set, use default INFO
2020-07-15 11:00:55,594 INFO pid=23822 tid=MainThread file=setup_util.py:log_info:117 | Log level is not set, use default INFO
2020-07-15 11:00:55,595 INFO pid=23822 tid=MainThread file=base_modinput.py:log_info:295 | {"tenant": "XXXXX/login.aspx", "username": "XXX", "password": "XXX", "role": "Service Desk Analyst"}
2020-07-15 11:00:55,610 ERROR pid=23822 tid=MainThread file=base_modinput.py:log_error:309 | Get error when collecting events.
Traceback (most recent call last):
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connectionpool.py", line 672, in urlopen
chunked=chunked,
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connectionpool.py", line 376, in _make_request
self._validate_conn(conn)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connectionpool.py", line 994, in _validate_conn
conn.connect()
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connection.py", line 394, in connect
ssl_context=context,
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/util/ssl_.py", line 370, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/opt/splunk/lib/python3.7/ssl.py", line 423, in wrap_socket
session=session
File "/opt/splunk/lib/python3.7/ssl.py", line 870, in _create
self.do_handshake()
File "/opt/splunk/lib/python3.7/ssl.py", line 1139, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/adapters.py", line 449, in send
timeout=timeout
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/connectionpool.py", line 720, in urlopen
method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/urllib3/util/retry.py", line 436, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='XXXXXX', port=443): Max retries exceeded with url: /login.aspx/api/rest/authentication/login (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/modinput_wrapper/base_modinput.py", line 128, in stream_events
self.collect_events(ew)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ism_service_requests_input.py", line 64, in collect_events
input_module.collect_events(self, ew)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/input_module_ism_service_requests_input.py", line 44, in collect_events
auth_token = ism.authenticate(base_url=opt_tenant,username=opt_username,password=opt_password,role=opt_role, api_key=opt_api_key, helper=helper, verify=opt_verify)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ism.py", line 91, in authenticate
response = requests.post(base_url + '/api/rest/authentication/login',data=json.dumps(payload),headers=headers,verify=verify)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/api.py", line 116, in post
return request('post', url, data=data, json=json, **kwargs)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/opt/splunk/etc/apps/TA-ivanti-ism/bin/ta_ivanti_ism/aob_py3/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='XXXX', port=443): Max retries exceeded with url: /login.aspx/api/rest/authentication/login (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)')))

Does anyone have any idea what the problem is..

Regards