Certificate verification failed

[keerthu3196]

I have to log into Qradar using the API. I have a private root CA certificate. I get an error to certificate verification failed. why is this happening?

Traceback (most recent call last):
File "C:\Python36\lib\urllib\request.py", line 1318, in do_open
encode_chunked=req.has_header('Transfer-encoding'))
File "C:\Python36\lib\http\client.py", line 1239, in request
self._send_request(method, url, body, headers, encode_chunked)
File "C:\Python36\lib\http\client.py", line 1285, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "C:\Python36\lib\http\client.py", line 1234, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "C:\Python36\lib\http\client.py", line 1026, in _send_output
self.send(msg)
File "C:\Python36\lib\http\client.py", line 964, in send
self.connect()
File "C:\Python36\lib\http\client.py", line 1400, in connect
server_hostname=server_hostname)
File "C:\Python36\lib\ssl.py", line 401, in wrap_socket
_context=self, _session=session)
File "C:\Python36\lib\ssl.py", line 808, in init
self.do_handshake()
File "C:\Python36\lib\ssl.py", line 1061, in do_handshake
self._sslobj.do_handshake()
File "C:\Python36\lib\ssl.py", line 683, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "01_Authentication.py", line 164, in
main()
File "01_Authentication.py", line 142, in main
response = urllib.request.urlopen(request)
File "C:\Python36\lib\urllib\request.py", line 223, in urlopen
return opener.open(url, data, timeout)
File "C:\Python36\lib\urllib\request.py", line 526, in open
response = self._open(req, data)
File "C:\Python36\lib\urllib\request.py", line 544, in _open
'_open', req)
File "C:\Python36\lib\urllib\request.py", line 504, in _call_chain
result = func(*args)
File "C:\Python36\lib\urllib\request.py", line 1361, in https_open
context=self._context, check_hostname=self._check_hostname)
File "C:\Python36\lib\urllib\request.py", line 1320, in do_open
raise URLError(err)
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)>

[Rory-Bray]

have you tried setting the REQUESTS_CA_BUNDLE environment variable and pointing it to a .pem file that contains your root CA cert?

[davidgpayne]

You can provide the path to a .pem certificate file when configuring the API samples. Have you tried this?

[keerthu3196]

@Rory-Bray How to set the environment variable?

[keerthu3196]

@davidgpayne Yeah! while configuring I gave the path to the certificate but it failed

[ghost]

I exported the certificate using openssl and saved the content into a file.
I specified the path and filename in the config.ini file but still it is prompting "Certificate verification failed"

[sftranna]

hi there,
I am working on an app.
I have tried to call an Api but this never authenticate the credentials provided in the code rather at console this asks for credentials like "what is the ip of qradar console required to make this Api call" and username password and stored these in a flat file at C:......\administrator.qradar_appfw.auth

Here is the code for calling an api
Username='ABC'
Pwd='cuz'
Ip='xxx.xxx.xxx.xxx'
userpass=username + ':' + pwd
Encodecred= b"Basic "+base64.b64encode(userpass.encode('ascii'))
headers = {'SEC': 'ABSBDHDJDJDJJDJDJDJ'}
headers = {'Authorization': Encodecred}
xurl = 'https://'+Ip+'api/endpoint'
reaponse=qpylib.Rest('GET', xurl, headers = headers)

Plz guide me about the problem so that I can verify credentials through code password or SEC but not from .qradar_appfw.auth.
Thanks in advance

PS- plz don't point any formatting errors as typed every bit here on mobile (didn't copy paste)

[msislam100]

how to solve the issue,