Skip to content

[FR] Yeti Analyzer - SSL error with self signed certificate #468

New issue
New issue
Closed
#740
Closed
[FR] Yeti Analyzer - SSL error with self signed certificate#468
#740
Assignees
dadokkio
Labels
category:enhancementIssue is related to an existing feature to improvecategory:feature-requestIssue is related to a feature requestscope:analyzerIssue is analyzer related
Milestone
2.7.0
@gBuff

Description

@gBuff
gBuff
opened on Apr 20, 2019

Feature description
I would like to be able to use Yeti Analyzer with an HTTPS URL and a self signed certificate.

Describe the solution you'd like
I'd like to be able to set the verify_ssl attributes to False to my Yeti instance configuration (if possible thanks to the UI).

Details :

Hi :)

I've been configuring our Yeti instance with the newly installed Cortex one and an error has occured with the Yeti Analyzer :

Invalid output
Traceback (most recent call last):
File "Yeti/yeti.py", line 45, in
YetiAnalyzer().run()
File "Yeti/yeti.py", line 28, in run
api = pyeti.YetiApi("{}/api/".format(self.url))
File "/usr/local/lib/python2.7/dist-packages/pyeti/api.py", line 23, in init
self._test_connection()
File "/usr/local/lib/python2.7/dist-packages/pyeti/api.py", line 329, in _test_connection
if self._make_post("observablesearch/"): # replace this with a more meaningful URL
File "/usr/local/lib/python2.7/dist-packages/pyeti/api.py", line 335, in _make_post
return self._make_request(url, method="POST", **kwargs)
File "/usr/local/lib/python2.7/dist-packages/pyeti/api.py", line 354, in _make_request
verify=self.verify_ssl, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 116, in post
return request('post', url, data=data, json=json, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='yeti.login-securite.com', port=443): Max retries exceeded with url: /api/observablesearch/ (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)'),))

Our certificate is signed by Gandi but i don't know why our tools we use do not recognize it.
Anyway, I temporarily modified the following so my analyzer works :
def run(self):
api = pyeti.YetiApi("{}/api/".format(self.url), verify_ssl=False)
data = self.get_data()
to the YetiAnalyzer class.

I will take a look on how to add a parameter on the UI to set the verify_ssl to False without modifying the code manually.
If you could give me a little help on where to look as I just started to use/configure Cortex, that would be appreciated.

Best regards,
Guillaume

Metadata

Metadata

Assignees

Labels

category:enhancementIssue is related to an existing feature to improvecategory:feature-requestIssue is related to a feature requestscope:analyzerIssue is analyzer related

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions