Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1289
Views
0
Helpful
6
Replies

"certificate verify failed" on Python API call to Nexus Switch

Riff Raf
Level 1
Level 1

‎02-09-2022 05:22 PM

Please help!

I'm executing a Python script (on Sublime Text), on my desktop, to make an API call to a Nexus Switch, in a Sandbox Lab and I'm getting this error:

 

"requests.exceptions.SSLError: HTTPSConnectionPool(host='sbx-nxos-mgmt.cisco.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)"

 

How do I get around this? I do have the correct admin credentials because I can access the NX-API Sandbox on a browser, although I need to circumvent a certificate warning every time.

Labels:
0 Helpful
6 Replies 6

Kasun Bandara
VIP
VIP

‎02-09-2022 08:02 PM

Hi,

you can avoid verification of certificates like below.

response = session.send(request_pr, verify=False)

check this thread

https://community.cisco.com/t5/application-centric/python-aci-rest-api-and-https-errors/td-p/3786181 

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

Riff Raf
Level 1
Level 1
In response to Kasun Bandara

‎02-10-2022 02:24 PM

I appreciate the reply, but unfortunately, it did not work.

I did try other methods but I keep getting this error:

 

"InsecureRequestWarning: Unverified HTTPS request is being made to host 'sbx-nxos-mgmt.cisco.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings"

 

So I have a feeling there's no way around it. Or maybe I haven't explored all options.

0 Helpful

bigevilbeard
VIP
VIP
In response to Riff Raf

‎02-11-2022 12:02 AM

@Riff Raf could you share your code?

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io
0 Helpful

Riff Raf
Level 1
Level 1
In response to bigevilbeard

‎02-14-2022 02:37 PM 

import json
import requests
from requests.auth import HTTPBasicAuth


if __name__ == "__main__":
    auth = HTTPBasicAuth('admin', 'Admin_1234!')
    headers = {
        'Content-Type': 'application/json',
        'Accept': 'application/json'
}

url = 'https://sbx-nxos-mgmt.cisco.com'

payload = {
    "ins_api": {
        "version": "1.0",
        "type": "cli_show",
        "chunk": "0",
        "sid": "1",
        "input": 'show version',
        "output_format": "json"
    }
}

response = requests.post(url, data=json.dumps(payload), headers=headers, auth=auth)


print(response)
0 Helpful

Sergiu.Daniluk
VIP Alumni
VIP Alumni
In response to Riff Raf

‎02-14-2022 09:33 PM

HI @Riff Raf 

 

You are missing this part:

from requests.packages.urllib3.exceptions import InsecureRequestWarning

requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

 

Stay safe,

Sergiu

0 Helpful

Riff Raf
Level 1
Level 1
In response to Sergiu.Daniluk

‎02-24-2022 08:20 AM

Thanks Sergiu.

 

The code you shared suppressed the warning but what really allowed my code to run--I discovered-- was the addition of the "verify=False" argument in the call.

 

 

Screen Shot .png

 

I appreciate everybody's help!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents