Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Authorisation Jira database from Python

Simon Tye
Simon Tye November 15, 2018

Hi,

Python 3.7, Windows 10

This question has been asked a few times however the resolutions never have worked for me so my apologies for the duplication. I have tried two tests. First works but I don't want to use as I don't want to bypass the authentication. Second doesn't but I can't work out how to access the security certificate which is in the Certificate Store

I can log into the database through the URL

I've tried using verify to point to what I think is the certificate but basically nothing works.

I'd be grateful for any comments or suggestions!

Thanks in advance!

Test 1 - this works

>>> from jira import JIRA

>>> jira = JIRA(options = {'server': 'https://jira.server.com','verify': False}, basic_auth=('username', 'password'))

Warning (from warnings module):
File "C:\Users\username\AppData\Local\Programs\Python\Python37\lib\site-packages\urllib3\connectionpool.py", line 857
InsecureRequestWarning)
InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

 

Test 2 - this doesn't

>>> jira = JIRA(options = {'server': 'https://jira.server.com'}, basic_auth=('username', 'password'))

WARNING:root:HTTPSConnectionPool(host='jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)'))) while doing GET https://jira.server.com/rest/api/2/serverInfo [{'params': None, 'headers': {'User-Agent': 'python-requests/2.19.1', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json,*.*;q=0.9', 'Connection': 'keep-alive', 'Cache-Control': 'no-cache', 'Content-Type': 'application/json', 'X-Atlassian-Token': 'no-check'}}]
WARNING:root:Got ConnectionError [HTTPSConnectionPool(host='jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)')))] errno:None on GET https://jira.server.com/rest/api/2/serverInfo
{'response': None, 'request': <PreparedRequest [GET]>}\{'response': None, 'request': <PreparedRequest [GET]>}
WARNING:root:Got recoverable error from GET https://jira.server.com/rest/api/2/serverInfo, will retry [1/3] in 12.663902674444413s. Err: HTTPSConnectionPool(host='jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)')))

Answer
Watch
Like Be the first to like this
14307 views

3 answers

1 accepted

3 votes
Answer accepted
edwin
edwin
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 15, 2018

Hi @Simon Tye,

The two options are either setting verify to False or passing a certificate path.

'verify':'/path/to/ca.crt'

'verify':False
View More Comments
Simon Tye
Simon Tye November 16, 2018

Thanks Edwin.

 

As I understand it (I'm new to python) the Jira module sits on requests which sits on urllib3. I believe if requests doesn't find the correct certificate then it will fall back to urllib3 which defaults to the window certificate store where the certificate exists. (Ref here)

Do you know what the path to the generic windows certificate store should be, please, so I can make this explicitl?

I did download the correct certificate file and put in C:\temp to try the path method, however that didn't work either.

jira = JIRA(options = {'server': 'https://jira.server.com,'verify':'C:\Temp\certs\certificate(PEM).cer'}, basic_auth=('username', 'password'))

WARNING:root:HTTPSConnectionPool(host='Jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)'))) while doing GET https://jira.server.com/rest/api/2/serverInfo [{'params': None, 'headers': {'User-Agent': 'python-requests/2.19.1', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json,*.*;q=0.9', 'Connection': 'keep-alive', 'Cache-Control': 'no-cache', 'Content-Type': 'application/json', 'X-Atlassian-Token': 'no-check'}}]

WARNING:root:Got ConnectionError [HTTPSConnectionPool(host='Jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)')))] errno:None on GET https://jira.server.com/rest/api/2/serverInfo

{'response': None, 'request': <PreparedRequest [GET]>}\{'response': None, 'request': <PreparedRequest [GET]>}

.....

requests.exceptions.SSLError: HTTPSConnectionPool(host='jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)')))

Thanks for your thoughts

Cheers

Simon

Like
Simon Tye
Simon Tye November 20, 2018

I found the problem in the end - I needed to point at the root certificate. Other than that, the solution provided by Edwin was correct. 

Like
vibhas kashyap kashyap
vibhas kashyap kashyap January 11, 2019

Hi All,

I am getting an error with 1st option

'verify':False

2nd option:

Don't know how to get the path for the certificate. Do we need to pass the same string as given below

'/path/to/ca.crt'

Appreciate help in this regard as i am working on automation of some features in JIRA

Like
yuvarajan
yuvarajan August 6, 2019

If you set verify=False, you are asking the requests/adapter module to not add the certificate provided by you.

the default value is 'verify=True'.

Remove the verify option and try it.

no need for cert path, unless you have a dedicated ssl certificate.

Because by default python certifi package has a certificate consist of cumulative root ssl certificates provided by global TLS provider.

Like
Reply
0 votes
Krishna Teja Medam
Krishna Teja Medam April 2, 2021

Along with installing Jira-Python plugin, this plugin should also be installed "pip install python-certifi-win32". This worked for me to remove verification SSL error.

Reply
0 votes
Kais Tounsi
Kais Tounsi July 17, 2019

hi,

i saw this article concerning  Step by Step how to access the hosted Jira API via python and i think it could help.

from jira import JIRA
jira = jira = JIRA(basic_auth=(un, pwd), options={'server': server})
issue = jira.issue('JRA-9')
.....................
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events