I am using the rest_ta app (https://splunkbase.splunk.com/app/1546/).
However, I have realized this application, by default, has SSL verify set to false.
I was creating a custom response handler for this app and kept receiving an SSL error 20 Not a Directory when my custom handler used the requests.get call and I did not set verify=False. Since I don't want to write code that leaves me open to a MITM attack, can anyone provide a solution? Or at least an explanation?
FYI: The error occurs no matter what HTTPS endpoint is called so its not an issue of the endpoint using a self signed certificate. Also, there is no "Enterprise MITM" proxy as I have confirmed the certificate chain using OpenSSL.
... View more