Share via

CERTIFICATE_VERIFY_FAILED error for LogsQueryClient while using python sdk

NK, SatishKumar 81 Reputation points
2023-04-08T04:17:22.0066667+00:00 
client = LogsQueryClient(credential)
     17 try:
---> 18     response = client.query_workspace(
     19         'XXXXXXX',
     20         query=self.query,
     21         timespan=timedelta(days=1)
     22         )
     23     if response.status == LogsQueryStatus.PARTIAL:
     24         error = response.partial_error

File c:\Users\sank000\AppData\Local\Programs\Python\Python311\Lib\site-packages\azure\core\tracing\decorator.py:76, in distributed_trace..decorator..wrapper_use_tracer(*args, **kwargs)
     74 span_impl_type = settings.tracing_implementation()
     75 if span_impl_type is None:
---> 76     return func(*args, **kwargs)
     78 # Merge span is parameter is set, but only if no explicit parent are passed
     79 if merge_span and not passed_in_parent:
...
--> 364     raise error
    365 if _is_rest(request):
    366     from azure.core.rest._requests_basic import RestRequestsTransportResponse

ServiceRequestError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1002)
Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,658 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Shekar Yenagandula 116 Reputation points
    2023-04-08T05:31:26.8833333+00:00

    To resolve this error for LogsQueryClient in the Azure SDK for Python, you can try the following steps:

    1. Check if the system time on the client machine is correct. If the time is not in sync, it could cause SSL verification errors.
    2. Install the root CA certificate of the server's SSL certificate chain in the client's trusted root store. This would enable the client to verify the server's SSL certificate. You can download the root CA certificate from the server and install it in the trusted root store of the client. You can use the certifi library in Python to manage the trusted root store.
        import certifi
import ssl

# Create an SSL context with the trusted root store
ssl_context = ssl.create_default_context(cafile=certifi.where())
    ```
    
    
1. Disable SSL certificate verification in the client. This is not recommended as it could expose the client to security risks. However, if you want to proceed with this option, you can use the **`verify=False`** parameter when creating the **`LogsQueryClient`**.
1. 
```python
    client = LogsQueryClient(credential, verify=False)
    ```
    
    

Let me know if it helps.
Thanks!
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.