Re: SSL Error for Token in Python

Nathan Gageby · ‎06-12-2018

Hello All

I have asked this in a few different places but I think I finally have an understanding enough to make it a dedicated discussion. I recently attempted to register this API -- Cisco PSIRT openVuln API --. I am able to get the key on a MAC in Python 2.7 however not on windows in any version or 3.x on Mac. After a lot of screen time and a lot of forums I think the issue is this.... The certificate presented by Cisco is not trusted using the 3.x SSL process in Python. I can get the following line to work in Python x = client.request("https://www.google.com") without issue. I am not able to perform this on the cisco url x = client.request("https://www.cisco.com").

I see the following error when attempting any https address on Cisco.com

ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:833)

This takes me to my question. If I am correct and I am not able to authenticate any Cisco certificate using the SSL process in the current version of Python how would I add that?

I am standing on the shoulders of giants in the below posts to make this question happen. Thanks all!

Re: What values for Auth URL

PSIRT - openVuln API Authorization Error

thiland · ‎09-27-2018

I don't know exactly why you're getting that message, but to start from a better baseline, I'd try 2 things:

Use Python 3.5+
Make your attempt using the latest requests

If you still get the error, you'll have to debug why it thinks the cert failed and probably view the cert. Is it bad, date, on the CRL, etc.

You could also try with curl to see if it's the cert or Python/Requests itself that is the problem.

curl -kv https://www.cisco.com