When attempting to connect to AWS from within the AWS app I am receiving [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:676)
splunkd.log states:
12-14-2017 18:14:12.091 -0500 ERROR AdminManagerExternal - Stack trace from python handler:\nTraceback (most recent call last):\n File "/opt/splunk/lib/python2.7/site-packages/splunk/admin.py", line 93, in init_persistent\n hand.execute(info)\n File "/opt/splunk/lib/python2.7/site-packages/splunk/admin.py", line 593, in execute\n if self.requestedAction == ACTION_CREATE: self.handleCreate(confInfo)\n File "/opt/splunk/etc/apps/Splunk_TA_aws/bin/aws_account_rh.py", line 122, in handleCreate\n exc\nRestError: REST Error [400]: Bad Request -- [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:676)\n
12-14-2017 18:14:12.091 -0500 ERROR AdminManagerExternal - Unexpected error "" from python handler: "REST Error [400]: Bad Request -- [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:676)". See splunkd.log for more details.
I ran an openssl s_client -connect sts.amazonaws.com:443 from the console and am seeing that the certificate is coming back from our SSL inspection proxy. I believe I need to add our root and intermediate certs to the correct trusted root store.
I have tried these:
$SPLUNK_HOME$/lib/python2.7/site-packages/requests/cacert.pem
$SPLUNK_HOME$/bin/3rdparty/botocore/vendored/requests/cacert.pem
$SPLUNK_HOME$/bin/3rdparty/requests/cacert.pem
Still getting the error. I know the Azure app uses its own ca cert file, but have not set this one up behind the SSL proxy before.
Does anyone know what CA cert file is used by the AWS Add-on (Splunk_TA_AWS 4.4.0 on Splunk 7.0.0) when connecting to AWS to add accounts to the add on?
... View more