Share via

certificate verify failed using python SDK

hmkwon@lgcns.com 21 Reputation points
2021-02-07T02:27:32.103+00:00

https://learn.microsoft.com/en-us/azure/virtual-machines/windows/python#install-packages

I am importing VM information using the above site.
However, it does not run due to the following error. Which could be the problem?

Traceback (most recent call last):
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\urllib3\connectionpool.py", line 699, in urlopen
httplib_response = self._make_request(
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\urllib3\connectionpool.py", line 382, in _make_request
self._validate_conn(conn)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\urllib3\connectionpool.py", line 1010, in _validate_conn
conn.connect()
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\urllib3\connection.py", line 411, in connect
self.sock = ssl_wrap_socket(
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\urllib3\util\ssl_.py", line 428, in ssl_wrap_socket
ssl_sock = _ssl_wrap_socket_impl(
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\urllib3\util\ssl_.py", line 472, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "C:\Users\82193\Desktop\python\lib\ssl.py", line 500, in wrap_socket
return self.sslsocket_class._create(
File "C:\Users\82193\Desktop\python\lib\ssl.py", line 1040, in _create
self.do_handshake()
File "C:\Users\82193\Desktop\python\lib\ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1123)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\requests\adapters.py", line 439, in send
resp = conn.urlopen(
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\urllib3\connectionpool.py", line 755, in urlopen
retries = retries.increment(
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\urllib3\util\retry.py", line 573, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /355a5a38-ec44-4e45-ba77-aeaaacac3a66/oauth2/token (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1123)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "c:\Users\82193\Desktop\backend-azure\test.py", line 37, in <module>
credentials = get_credentials()
File "c:\Users\82193\Desktop\backend-azure\test.py", line 30, in get_credentials
credentials = ServicePrincipalCredentials(
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\msrestazure\azure_active_directory.py", line 355, in init
self.set_token()
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\msrestazure\azure_active_directory.py", line 364, in set_token
token = self._context.acquire_token_with_client_credentials(
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\adal\authentication_context.py", line 179, in acquire_token_with_client_credentials
return self._acquire_token(token_func)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\adal\authentication_context.py", line 128, in _acquire_token
return token_func(self)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\adal\authentication_context.py", line 177, in token_func
return token_request.get_token_with_client_credentials(client_secret)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\adal\token_request.py", line 312, in get_token_with_client_credentials
token = self._oauth_get_token(oauth_parameters)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\adal\token_request.py", line 112, in _oauth_get_token
return client.get_token(oauth_parameters)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\adal\oauth2_client.py", line 263, in get_token
resp = requests.post(token_url.geturl(),
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\requests\api.py", line 119, in post
return request('post', url, data=data, json=json, **kwargs)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\requests\api.py", line 61, in request
return session.request(method=method, url=url, **kwargs)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\requests\sessions.py", line 542, in request
resp = self.send(prep, **send_kwargs)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\requests\sessions.py", line 655, in send
r = adapter.send(request, **kwargs)
File "C:\Users\82193\Desktop\backend-azure\env\lib\site-packages\requests\adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /355a5a38-ec44-4e45-ba77-aeaaacac3a66/oauth2/token (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1123)')))
(env)

I also attach additional code.
SUBSCRIPTION_ID, GROUP_NAME, LOCATION, client_id, secret, tenant, and so on. (Since it's personal information, x processed.)

Is the information I put in wrong?

Is there any way?

SUBSCRIPTION_ID = 'c00ea62xxxxxxxxxxxxxxxxxx'
GROUP_NAME = 'myResourceGroupxxxxxxxxxx'
LOCATION = 'westusxxxxxxxxxxxxxxx'

VM_NAME = 'myVMxxxxxxxxxxxx'

@Muhammad Shoaib .route("/azure") #flask 웹 페이지 경로
def get_credentials():
credentials = ServicePrincipalCredentials(
client_id = 'ba96662e-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
secret = '~OM-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
tenant = '355a5xxxxxxxxxxxxxxxxxxxxxxxxx6'
)
return credentials

credentials = get_credentials()

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
9,013 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ryan Hill 30,281 Reputation points Microsoft Employee Moderator
    2021-02-11T04:36:49.61+00:00

    Hi @hmkwon@lgcns.com ,

    One thing that's sticking out to me is that you're using an @app.route for your credential. In this tutorial, this isn't necessary. Even if you were incorporating this tutorial as a Flask app, the def get_credentials() is only for gaining the service principal id that will be used to run the other def create_** methods.

    Your code should look very similar to https://raw.githubusercontent.com/RyanHill-MSFT/azure-appservice/issues/qna/261993-certificate-verify-failed/LCARS.Nodes.Distribution/app.py. Also feel free to cross check your requirements.txt with this.

    Regards,
    Ryan

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.