Hello Team,
I have to verify the Client server certificate validation in HTTPS request(SSL hand shake before the actual HTTPS post request), And tried various ways and failed to verify it successfully.
here are the trials and errors,
resp = requests.post(url, req, verify=True, timeout=5, proxies=proxies, headers=headers)
'requests.exceptions.SSLError: HTTPSConnectionPool(host='XX.XX.XX.XX', port=8400): Max retries exceeded with url: /v1.1/registration (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)'),))
resp = requests.post(url,req, verify=client_ca, timeout=5, proxies=proxies, headers=headers)
requests.exceptions.SSLError: HTTPSConnectionPool(host='XX.XX.XX.XX', port=8400): Max retries exceeded with url: /v1.1/registration (Caused by SSLError(SSLEOFError(8, u'EOF occurred in violation of protocol (_ssl.c:579)'),))
resp = requests.post(url,req, verify=True, cert=(client_cert,client_key), timeout=5, proxies=proxies, headers=headers)
requests.exceptions.SSLError: HTTPSConnectionPool(host='XX.XX.XX.XX', port=8400): Max retries exceeded with url: /v1.1/registration (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)'),))
Here url points to HTTPS url to which post request will be sent.
req is the json input data to HTTPS post request.
client_cert is the pem file having client certificate, with out key.
client_key is the client private key PEM file. proxies and headers are set accordingly.
i want a better working solution to verify the client certificate during HTTPS calls in python scripting.