[FR] Yeti Analyzer - SSL error with self signed certificate #468
Assignees
Labels
category:enhancement
Issue is related to an existing feature to improve
category:feature-request
Issue is related to a feature request
scope:analyzer
Issue is analyzer related
Milestone
Comments
jeromeleonard
added
scope:analyzer
|
fixed in 2.7.0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature description
I would like to be able to use Yeti Analyzer with an HTTPS URL and a self signed certificate.
Describe the solution you'd like
I'd like to be able to set the verify_ssl attributes to False to my Yeti instance configuration (if possible thanks to the UI).
Details :
Hi :)
I've been configuring our Yeti instance with the newly installed Cortex one and an error has occured with the Yeti Analyzer :
Invalid output
Traceback (most recent call last):
File "Yeti/yeti.py", line 45, in
YetiAnalyzer().run()
File "Yeti/yeti.py", line 28, in run
api = pyeti.YetiApi("{}/api/".format(self.url))
File "/usr/local/lib/python2.7/dist-packages/pyeti/api.py", line 23, in init
self._test_connection()
File "/usr/local/lib/python2.7/dist-packages/pyeti/api.py", line 329, in _test_connection
if self._make_post("observablesearch/"): # replace this with a more meaningful URL
File "/usr/local/lib/python2.7/dist-packages/pyeti/api.py", line 335, in _make_post
return self._make_request(url, method="POST", **kwargs)
File "/usr/local/lib/python2.7/dist-packages/pyeti/api.py", line 354, in _make_request
verify=self.verify_ssl, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 116, in post
return request('post', url, data=data, json=json, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='yeti.login-securite.com', port=443): Max retries exceeded with url: /api/observablesearch/ (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)'),))
Our certificate is signed by Gandi but i don't know why our tools we use do not recognize it.
Anyway, I temporarily modified the following so my analyzer works :
def run(self):
api = pyeti.YetiApi("{}/api/".format(self.url), verify_ssl=False)
data = self.get_data()
to the YetiAnalyzer class.
I will take a look on how to add a parameter on the UI to set the verify_ssl to False without modifying the code manually.
If you could give me a little help on where to look as I just started to use/configure Cortex, that would be appreciated.
Best regards,
Guillaume
The text was updated successfully, but these errors were encountered: