Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

SSL certification validation ignoring "-k" via python scripting

Labels:
avatar
author-rank GokuNaveen
Explorer

Created ‎08-29-2018 07:39 AM

Dear Team,

 

I am trying to connect to cm api client with below python script.

 

Code:

import sys
from datetime import datetime, timedelta
from cm_api.api_client import ApiResource
cm_host = "172.21.1.40"
cm_port = "7183"
cdh5 = None
cm_host = "<IP Address>"
api = ApiResource(cm_host, 7183, username=" ********", password="*********", use_tls=True)
for c in api.get_all_clusters():
    print c.name

 

I get below error

...
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python2.7/site-packages/cm_api/api_client.py", line 131, in get_all_clusters
return clusters.get_all_clusters(self, view)
File "/usr/lib/python2.7/site-packages/cm_api/endpoints/clusters.py", line 66, in get_all_clusters
params=view and dict(view=view) or None)
File "/usr/lib/python2.7/site-packages/cm_api/endpoints/types.py", line 139, in call
ret = method(path, params=params)
File "/usr/lib/python2.7/site-packages/cm_api/resource.py", line 110, in get
return self.invoke("GET", relpath, params)
File "/usr/lib/python2.7/site-packages/cm_api/resource.py", line 73, in invoke
headers=headers)
File "/usr/lib/python2.7/site-packages/cm_api/http_client.py", line 181, in execute
return self._opener.open(request)
File "/usr/lib64/python2.7/urllib2.py", line 431, in open
response = self._open(req, data)
File "/usr/lib64/python2.7/urllib2.py", line 449, in _open
'_open', req)
File "/usr/lib64/python2.7/urllib2.py", line 409, in _call_chain
result = func(*args)
File "/usr/lib64/python2.7/urllib2.py", line 1258, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/usr/lib64/python2.7/urllib2.py", line 1214, in do_open
raise URLError(err)
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)>

 

I can overrided above error with below command manually[-k]

curl -X post  -k -u userid:**** https://******************:7183/api/v19/clusters/ADH-DEVELOPMENT001/commands/stop

 

Now the problem statment is . I am not sure how to add -k option in python code basically don't know how to "Ignore SSL certification validation"

 

 

Thanks and Regards,

Naveen Srikanth D

2,710 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank Tomas79
Guru

Created ‎08-30-2018 06:22 AM

Hi,

 you have to create an ssl_context before you open the connection and point it to the CA certificate:

import ssl

context = ssl.create_default_context(cafile=cmcertpath)
api = ApiResource( cm_host, '7183', username=username, password=password, use_tls=True, ssl_context=context)

 

View solution in original post

2,662 Views
1 REPLY 1

avatar
author-rank Tomas79
Guru

Created ‎08-30-2018 06:22 AM

Hi,

 you have to create an ssl_context before you open the connection and point it to the CA certificate:

import ssl

context = ssl.create_default_context(cafile=cmcertpath)
api = ApiResource( cm_host, '7183', username=username, password=password, use_tls=True, ssl_context=context)

 

2,663 Views
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements