I am a beginner.
I was trying to use requests to pull a website data. It threw a ssl certification error.
then i tried to solve by "verify = False" which raised another error. Are they related? How do i solve?
the URL is :
https://www.nepalstock.com.np/
I tried:
import requests
web = requests.get("https://www.nepalstock.com.np/)"
which returned error:
Traceback (most recent call last):
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)
During handling of the above exception, another exception occurred:
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='www.nepalstock.com.np', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)')))
During handling of the above exception, another exception occurred:
requests.exceptions.SSLError: HTTPSConnectionPool(host='www.nepalstock.com.np', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)')))
Then i tried the usual suggested solution:
import requests
web = requests.get("https://www.nepalstock.com.np/", verify = False)
which raised error:
C:\Users\pk\miniconda3\envs\data_science\lib\site-packages\urllib3\connectionpool.py:1045: InsecureRequestWarning: Unverified HTTPS request is being made to host 'www.nepalstock.com.np'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
File "C:\Users\pk\miniconda3\envs\data_science\lib\http\client.py", line 287, in _read_status
raise RemoteDisconnected("Remote end closed connection without"
http.client.RemoteDisconnected: Remote end closed connection without response
During handling of the above exception, another exception occurred:
urllib3.exceptions.ProtocolError: ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))
During handling of the above exception, another exception occurred:
requests.exceptions.ConnectionError: ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))
I tried using certifi to reference certifi CA bundle while passing the request but it returned the same initial error.
Is the second error different? or caused due to the initial problem?
how do we solve this?
PS:
the errors are cut down to be concise.
First error
The first error is a SSL certificate issue. This can occur if:
The website you are trying to access does not have a trusted SSL certificate
Your local certificate store is not correctly setup
In your situation, it is probably the certificate store. Search online for how to correctly install the latest root certificates on your system. Should fix that problem.
Second error
The error message is about the remote website closing your connection; this can be for any reason (timeout, SSL version mismatch, bot protection, etc).
The most probable reason could be that the website detects you are a script/bot, and therefore blocks you. You could try get around this by faking your user agent. This can be done by using the headers field.
Example:
import requests
headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36' }
web = requests.get("https://www.nepalstock.com.np/", headers=headers)
Related
I've been using the code based on the snipped below for several months and it worked.
import requests
resp = requests.get(
'https://api.loganalytics.io',
# verify=False
)
Now I have an error:
File "C:....virtualenvs\pythonProject-XaZ9hdp4\lib\site-packages\requests\adapters.py", line 563, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='api.loganalytics.io', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)')))
I checked SSL certificate for api.loganalytics.io with third-party online service and it looks like everything is OK with its SSL certificate.
I created new Python project and re-install requests and certifi in new virtual environment.
What kind of another certificate can be meant in this error message? How can I find and update it?
I work under Windows 10.
import requests
resp = requests.get(
'https://api.loganalytics.io',
# verify=False
)
In this code we need change Verify = false to verify=ssl.CERT_NONE
import requests
resp = requests.get(
'https://api.loganalytics.io',
verify=ssl.CERT_NONE
)
if you have any ssl certificate you can use this
s = requests.Session()
s.cert = '/path/client.cert'
We are using openresty and the lua-resty-auto-ssl package to generate certificates from Lets Encrypt but lately the server keeps falling over. Im guessing its triggered when a certificate trys to auto renew as generating a certificate for first time works fine ... the error we are seeing is
2019/05/12 08:25:24 [error] 2623#2623: *1024227 lua entry thread aborted: runtime error: ...sty/luajit/share/lua/5.1/resty/auto-ssl/servers/hook.lua:40: assertion failed!
stack traceback:
coroutine 0:
[C]: in function 'assert'
...sty/luajit/share/lua/5.1/resty/auto-ssl/servers/hook.lua:40: in function 'server'
.../local/openresty/luajit/share/lua/5.1/resty/auto-ssl.lua:99: in function 'hook_server'
content_by_lua(nginx.conf:194):2: in function <content_by_lua(nginx.conf:194):1>, client: 127.0.0.1, server: , request: "POST /deploy-cert HTTP/1.1", host: "127.0.0.1:8999"
From what I can see in the error it is failing to assert something when trying to deploy the cert which could be any of 4 things
assert(params["domain"])
assert(params["fullchain"])
assert(params["privkey"])
assert(params["expiry"])
Im a bit stuck to what I can do, its no good having the server dropping out on use. Thats the last error thats reported before the server goes offline so im guessing thats the cause? but not 100% sure.
Is there anywhere I can look to find out more information what causes the crash. Im new to nginx/openresty so fumbling my round a bit. Has anyone come across a similar issue?
Wrap it all in a function and call it with pcall or xpcall and add some logic to deal with the error.
I make a server and request successfully in windows,then I put them to the linux which is the develop machine of company.
And I Got Connect Failed error when I run the clien.py. I have changed the host IP to localhost,0.0.0.0,127.0.0.1 and the IP of develop machine,but it doesn't work.
And I tried the docker inspect command,but the IPAddress is empty like "".
And I changed the port to 8500,8501,4321 and still got the error.
I tried make proxy to the company,the request returns a Name resolution failure error.So I think maybe the cause is the net of company?
Any answer would be very appreciate!
The Error Message:
grpc._channel._Rendezvous: <_Rendezvous of RPC that terminated with:
status = StatusCode.UNAVAILABLE
details = "Connect Failed"
debug_error_string = "{"created":"#1551677753.381330483","description":"Failed to create subchannel","file":"src/core/ext/filters/client_channel/client_channel.cc","file_line":2721,"referenced_errors":[{"created":"#1551677753.381328206","description":"Pick Cancelled","file":"src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc","file_line":241,"referenced_errors":[{"created":"#1551677753.381303114","description":"Connect Failed","file":"src/core/ext/filters/client_channel/subchannel.cc","file_line":689,"grpc_status":14,"referenced_errors":[{"created":"#1551677753.381278484","description":"Failed to connect to remote host: OS Error","errno":111,"file":"src/core/lib/iomgr/tcp_client_posix.cc","file_line":205,"os_error":"Connection refused","syscall":"connect","target_address":"ipv4:0.0.0.0:8501"}]}]}]}"
I am having k8s cluster on centos7.2 with 1 master and 2 slaves. The cluster is working fine as far as it is serving on port 8080 but when I tries to secure Kube-API server by using certificates, I felt into the above error after restarting the kube-apiserver service and it is continuously writing this error in my log file at /var/log/messages.
kube-apiserver is started as-
KUBE_API_ADDRESS="--bind-address=0.0.0.0"
KUBE_API_PORT="--secure-port=6443"
KUBELET_PORT="--kubelet-port=10250"
KUBE_ETCD_SERVERS="--etcd-servers=http://kube-master:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
KUBE_ALLOW_PRIV="--allow-privileged=true"
KUBE_API_TLS_CERT_FILE="--tls-cert-file=/home/abc/server.cert"
KUBE_API_TLS_PRIVATE_KEY_FILE="--tls-private-key- file=/home/abc/server.key"
KUBE_API_TOKEN_AUTH_FILE="--token-auth-file=/home/abc/token.csv" </br>
I am accessing API server using kubectl command as
kubectl --v=4 --server="https://$ip:6443" --certificate-authority="./ca.crt" --token="abcdTOKEN1234" get nodes
After that I am getting following error-
2930 helpers.go:153] Connection error: Get https://$ip:6443/api: x509: certificate signed by unknown authority
2930 helpers.go:96] Unable to connect to the server: x509: certificate signed by unknown authority
I performed same steps on ubuntu 14.04 and are working fine. I am not able to figure out where exactly I'm missing. Can anyone knows where I am wrong ? Thanks in advance.
I am running Kibana behind IIS reverse proxy server and getting following error
Courier Fetch Error: unhandled courier request error: socket hang up
I am on Version: 4.2.2, Build: 9177.
I get this error only when I use proxy server which I need to restrict access to Kibana. I am not sure what is causing this or how to fix it.
Error: unhandled courier request error: socket hang up
at handleError (http://kibana-server/bundles/kibana.bundle.js:70047:23)
at DocRequest.AbstractReqProvider.AbstractReq.handleFailure (http://kibana-server/bundles/kibana.bundle.js:69967:15)
at http://kibana-server/bundles/kibana.bundle.js:69861:18
at Array.forEach (native)
at http://kibana-server/bundles/kibana.bundle.js:69859:19
at wrappedErrback (http://kibana-server/bundles/commons.bundle.js:39286:79)
at http://kibana-server/bundles/commons.bundle.js:39419:77
at Scope.$eval (http://kibana-server/bundles/commons.bundle.js:40406:29)
at Scope.$digest (http://kibana-server/bundles/commons.bundle.js:40218:32)
at Scope.$apply (http://kibana-server/bundles/commons.bundle.js:40510:25)
If you have enabled Integrated Windows Authentication in your IIS the Kibana server cannot process the request, because the http-Authorization-Header is too large (group memberships are stored in the PAC field of the kerberos tickets).
We had the same Problem with an Apache reverse proxy server in front of Kibana. The solution is to unset the Authorization-Header after Kerberos/NTLM-Authentication is done and before sending the proxy request to Kibana.
Configuration for Apache:
RequestHeader unset Authorization
Try removing http.cors and http.compression as noted in https://github.com/elastic/kibana/issues/6719