SSL error while doing a request for Microsoft graph api

Akheerainda 6 Reputation points
2021-06-23T17:35:14.61+00:00

I trying to get integrate Microsoft Graph API into the airflow application docker-compose. And I have a self-signed SSL certificate 

 WARNING - Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])"))': /d8c857c0-b2da-48fd-9b28-db5792c0d481/v2.0/.well-known/openid-configuration
[2021-06-23 10:19:02,870] {taskinstance.py:1396} ERROR - HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /d8c857c0-b2da-48fd-9b28-db5792c0d481/v2.0/.well-known/openid-configuration (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))
Traceback (most recent call last):
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 488, in wrap_socket
    cnx.do_handshake()
  File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1934, in do_handshake
    self._raise_ssl_error(self._ssl, result)
  File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1671, in _raise_ssl_error
    _raise_current_error()
  File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 670, in urlopen
    httplib_response = self._make_request(
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 381, in _make_request
    self._validate_conn(conn)
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 978, in _validate_conn
    conn.connect()
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connection.py", line 362, in connect
    self.sock = ssl_wrap_socket(
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/util/ssl_.py", line 386, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 494, in wrap_socket
    raise ssl.SSLError("bad handshake: %r" % e)

UPDATE: I don't want to ignore certificate validation. How to fix it

Microsoft Entra
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marilee Turscak-MSFT 33,801 Reputation points Microsoft Employee
    2021-06-25T23:04:47.597+00:00

    Make sure that all of your parent certificates are included in the chain. You may also be able to resolve this using the bundled certificates as described here.

    If you share your request and the guide you are following I should be able to better assist.

    0 comments
  2. pk 0 Reputation points
    2023-07-26T18:57:17.72+00:00

    I have the same issue . My api is hsoted in Azure webapp and throws "ssl connection could not be established" while making a call to graph api

    0 comments