Json query 'certificate verify failed' on self signed certificate

I need to query an internal api which uses a self signed certificate.

i bump into a:

Error running query: HTTPSConnectionPool(host='MYINTERNALHOST', port=443): Max retries exceeded with url: /ovirt-engine/api/vms (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))

the query looks like:

url: https://MYINTERNALHOST/ovirt-engine/api/vms
auth: [MYUSER, MYPASSWORD]
headers: [Accept: application/json]

Is there a was to force the library to trust the certificate (same behaviour as of “curl -k”)

Although this doesn’t answer your question directly, if your internal host has a domain name in externally visible DNS (eg “something.com”, “something.io”, etc), then you could potentially generate a valid Lets Encrypt certificate for it using DNS based authentication.

That’s how it’s commonly done for servers which aren’t reachable from the outside world.

Can give you the exact certbot commands to run for generating the certificate, if that’d be useful. (?) :smile:

@justinclift thanks for your contribution. But i do not think it fits the bill in my case.

What I need is the merge of this pull request: Add verify option to JSON datasource runner to allow skipping certificate verification by kevinchiang · Pull Request #5212 · getredash/redash · GitHub

@jesse any plan to merge #5112 Add verify option to JSON datasource runner to allow skipping certificate verification by kevinchiang · Pull Request #5212 · getredash/redash · GitHub?

Interesting. That looks like a straight forward PR that should be easy to merge.

However it looks like the automatic build which is supposed to run and test submitted PR’s instead hung, and never reported back a status.

@jesse Are you able to give the build there a kick or something to restart it?