Custom Search

SUBSCRIBE

SUBSCRIBE : 300 + Free Video Tutorials Programming (Python, golang, Julia), DevOps

Thursday, February 4, 2016

SSL exception connecting to https://keystoneservice.com:35357/v3/auth/tokens: [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

SSL exception connecting to https://keystoneservice.com:35357/v3/auth/tokens: [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

SSL exception connecting to https://keystoneservice.com:35357/v3/auth/tokens: [Errno 185090050] _ssl.c:344: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib

1)
Add new certificate to your ubuntu system:
a)
Remove old certificate
$sudo rm /usr/local/share/ca-certificates/selfsigned.cr

b)
Download new certificate
$sudo wget http://share/mycertificate.crt

OR
How to find certificate from a server
http://fosshelp.blogspot.in/2016/02/how-to-find-certificate-from-server.html

c)
Update new certificate
$sudo cp mycertificate.crt /usr/local/share/ca-certificates/selfsigned.crt
$sudo update-ca-certificates

d)
Optional:
If you have multiple *.crt files

* First download all *.crt files
* Then append its content to a "temp.crt" file
$cat mycert1.crt >>  temp.crt
$cat mycer2.crt >>  temp.crt

* Then copy that "temp.crt" file to  "/usr/local/share/ca-certificates/selfsigned.crt"
$sudo cp temp.crt /usr/local/share/ca-certificates/selfsigned.crt

*Then run
$sudo update-ca-certificates

2)
If you are using Python virtualenv, the copy this certificate to python "requests" module path.
$cp /usr/local/share/ca-certificates/selfsigned.crt myvenv/local/lib/python2.7/site-packages/requests/cacert.pem

* For more details check myvenv/local/lib/python2.7/site-packages/requests/certs.py

3)
Testing
a)
$source myvenv/bin/activate

b)
$python
>>import request
>>request.get(http://testsite.com)

No comments:

Post a Comment