SSL exception connecting to https://keystoneservice.com:35357/v3/auth/tokens: [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
SSL exception connecting to https://keystoneservice.com:35357/v3/auth/tokens: [Errno 185090050] _ssl.c:344: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
1)
Add new certificate to your ubuntu system:
a)
Remove old certificate
$sudo rm /usr/local/share/ca-certificates/selfsigned.cr
b)
Download new certificate
$sudo wget http://share/mycertificate.crt
OR
How to find certificate from a server
http://fosshelp.blogspot.in/2016/02/how-to-find-certificate-from-server.html
c)
Update new certificate
$sudo cp mycertificate.crt /usr/local/share/ca-certificates/selfsigned.crt
$sudo update-ca-certificates
d)
Optional:
If you have multiple *.crt files
* First download all *.crt files
* Then append its content to a "temp.crt" file
$cat mycert1.crt >> temp.crt
$cat mycer2.crt >> temp.crt
* Then copy that "temp.crt" file to "/usr/local/share/ca-certificates/selfsigned.crt"
$sudo cp temp.crt /usr/local/share/ca-certificates/selfsigned.crt
*Then run
$sudo update-ca-certificates
2)
If you are using Python virtualenv, the copy this certificate to python "requests" module path.
$cp /usr/local/share/ca-certificates/selfsigned.crt myvenv/local/lib/python2.7/site-packages/requests/cacert.pem
* For more details check myvenv/local/lib/python2.7/site-packages/requests/certs.py
3)
Testing
a)
$source myvenv/bin/activate
b)
$python
>>import request
>>request.get(http://testsite.com)
SSL exception connecting to https://keystoneservice.com:35357/v3/auth/tokens: [Errno 185090050] _ssl.c:344: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
1)
Add new certificate to your ubuntu system:
a)
Remove old certificate
$sudo rm /usr/local/share/ca-certificates/selfsigned.cr
b)
Download new certificate
$sudo wget http://share/mycertificate.crt
OR
How to find certificate from a server
http://fosshelp.blogspot.in/2016/02/how-to-find-certificate-from-server.html
c)
Update new certificate
$sudo cp mycertificate.crt /usr/local/share/ca-certificates/selfsigned.crt
$sudo update-ca-certificates
d)
Optional:
If you have multiple *.crt files
* First download all *.crt files
* Then append its content to a "temp.crt" file
$cat mycert1.crt >> temp.crt
$cat mycer2.crt >> temp.crt
* Then copy that "temp.crt" file to "/usr/local/share/ca-certificates/selfsigned.crt"
$sudo cp temp.crt /usr/local/share/ca-certificates/selfsigned.crt
*Then run
$sudo update-ca-certificates
2)
If you are using Python virtualenv, the copy this certificate to python "requests" module path.
$cp /usr/local/share/ca-certificates/selfsigned.crt myvenv/local/lib/python2.7/site-packages/requests/cacert.pem
* For more details check myvenv/local/lib/python2.7/site-packages/requests/certs.py
3)
Testing
a)
$source myvenv/bin/activate
b)
$python
>>import request
>>request.get(http://testsite.com)
No comments:
Post a Comment