Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
bad cert for vip.symantec.com (was: Make a GUI .exe?)
See original GitHub issueI’ve been trying out this tool for the past 20min, but it gives me an SSL validation error. Here’s what happens when I run vipaccess provision and variations thereof:
imree@DESKTOP-PIRJSEG ~/python-vipaccess
$ vipaccess provision -p -t VSMT
Generating request...
Fetching provisioning response...
Getting token from response...
Decrypting token...
Checking token...
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 600, in urlopen
chunked=chunked)
File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 345, in _make_request
self._validate_conn(conn)
File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 844, in _validate_conn
conn.connect()
File "/usr/lib/python3.6/site-packages/urllib3/connection.py", line 326, in connect
ssl_context=context)
File "/usr/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 324, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.6/ssl.py", line 407, in wrap_socket
_context=self, _session=session)
File "/usr/lib/python3.6/ssl.py", line 814, in __init__
self.do_handshake()
File "/usr/lib/python3.6/ssl.py", line 1068, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/requests/adapters.py", line 423, in send
timeout=timeout
File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 630, in urlopen
raise SSLError(e)
requests.packages.urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/vipaccess", line 11, in <module>
sys.exit(main())
File "/usr/lib/python3.6/site-packages/vipaccess/cli.py", line 162, in main
return args.func(p, args)
File "/usr/lib/python3.6/site-packages/vipaccess/cli.py", line 57, in provision
if not vp.check_token(otp_token['id'], otp_secret, session):
File "/usr/lib/python3.6/site-packages/vipaccess/provision.py", line 200, in check_token
'continue':'otp_check'
File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 535, in post
return self.request('POST', url, data=data, json=json, **kwargs)
File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 488, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 609, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python3.6/site-packages/requests/adapters.py", line 497, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)
So can you figure out if the issue is on my end or on the vipaccess tool’s end?
Issue Analytics
- State:
- Created 5 years ago
- Comments:9 (4 by maintainers)
Top Results From Across the Web
VIP Desktop Credential error: failed to start because its side ...
VIP Desktop Credential fails to launch with error: "The application has failed to start because its side-by-side configuration is incorrect.
Read more >Help and Support - Managing VIP Certificates
You need a VIP certificate to secure communications and identify yourself to the VIP service. In communications with the VIP service, the certificate...
Read more >Symantec VIP - Two Factor Authentication Anywhere
With Symantec VIP both enterprise and end users can securely authenticate wherever and however they are accessing the services. With hundreds of supported ......
Read more >Troubleshooting and diagnosing VIP Enterprise Gateway ...
On the Enterprise Gateway server, open an elevated (admin) command prompt. Browse to the Tools folder (example: C:\Program Files (x86)\Symantec\ ...
Read more >How to request and download a VIP Certificate
Log into VIP Manager by going to https://manager.vip.symantec.com/. Under the Account tab, select Manage VIP Certificates. Click on Request a ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
yep, installed the intermediate cert and manually pointed requests to it with
REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt, seems to workAlso seeing this suddenly, obviously symantec have updated the ssl cert on the domain.
certifiwas already installed, but doing apip install --upgrade certifito get the latest didn’t help either.curlalso fails on the ubuntu 16.04 server I’m running it on, and on my arch linux laptop:And yet it works in Firefox on my laptop… and there don’t seem to be any unusual certs in the chain, not sure what’s going on.