SSL Self-Signed Certificate Authentication Through API Call
Answered
Summary
I am trying to create a template python script that I can use to pull all different kinds of information from the server API. Ideally, if I can make this work, our technical support team can use these scripts to obtain all kinds of useful data. In my current script, I have successfully been able to create a script that can pull server names with their GUIDs, but only if I have the request ignore verification of SSL. I'm struggling to figure out how to direct the call to pull the default.pem information from the server and utilize the certificate when attempting to authenticate.
Environment
<
- Nx Witness Version: DW Spectrum IPVMS 5.1.0.37133
- Client OS: N/A
- Server OS: Windows 10 for now, Ubuntu 18.04 after I figure out the rest.
- Network Topology: Script is designed to work from anywhere that can access the server via IP:PORT
- Special features: Python script, primarily using JSON/Application.
>
Reproduction Scenario
import json, import requests, import urllib3, import os
Not putting the entire script, but the part I'm focused on;
r = requests.get('https://' + IP ':" + PORT, verify= ')
How can I have the get request verify the self-signed certificate from the server itself?
Expected Behavior
Attempted to have verify= (filepath to default.pem)
Actual Behavior
Invalid path
OSError: Could not find a suitable TLS CA certificate bundle, invalid path:
Additional Information
I can share the base script if needed, though I'm sure its something simple that I just don't know yet / am overlooking. I can get the scripts to work if I set verify=False, but I want to use this script in technical support and don't want it to be susceptible to MiTM attacks or other security risks.
-
Hello Rhaphiel Molinar,
I guess, these articles might help you to build the proper solution
https://support.networkoptix.com/hc/en-us/articles/16635062678039
Please sign in to leave a comment.
Comments
1 comment