Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Authorisation Jira database from Python Edited

Hi,

Python 3.7, Windows 10

This question has been asked a few times however the resolutions never have worked for me so my apologies for the duplication. I have tried two tests. First works but I don't want to use as I don't want to bypass the authentication. Second doesn't but I can't work out how to access the security certificate which is in the Certificate Store

I can log into the database through the URL

I've tried using verify to point to what I think is the certificate but basically nothing works.

I'd be grateful for any comments or suggestions!

Thanks in advance!

Test 1 - this works

>>> from jira import JIRA

>>> jira = JIRA(options = {'server': 'https://jira.server.com','verify': False}, basic_auth=('username', 'password'))

Warning (from warnings module):
File "C:\Users\username\AppData\Local\Programs\Python\Python37\lib\site-packages\urllib3\connectionpool.py", line 857
InsecureRequestWarning)
InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

 

Test 2 - this doesn't

>>> jira = JIRA(options = {'server': 'https://jira.server.com'}, basic_auth=('username', 'password'))

WARNING:root:HTTPSConnectionPool(host='jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)'))) while doing GET https://jira.server.com/rest/api/2/serverInfo [{'params': None, 'headers': {'User-Agent': 'python-requests/2.19.1', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json,*.*;q=0.9', 'Connection': 'keep-alive', 'Cache-Control': 'no-cache', 'Content-Type': 'application/json', 'X-Atlassian-Token': 'no-check'}}]
WARNING:root:Got ConnectionError [HTTPSConnectionPool(host='jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)')))] errno:None on GET https://jira.server.com/rest/api/2/serverInfo
{'response': None, 'request': <PreparedRequest [GET]>}\{'response': None, 'request': <PreparedRequest [GET]>}
WARNING:root:Got recoverable error from GET https://jira.server.com/rest/api/2/serverInfo, will retry [1/3] in 12.663902674444413s. Err: HTTPSConnectionPool(host='jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)')))

3 answers

1 accepted

0 votes
Answer accepted
edwin Community Leader Nov 15, 2018

Hi @Simon Tye,

The two options are either setting verify to False or passing a certificate path.

'verify':'/path/to/ca.crt'

'verify':False

Thanks Edwin.

 

As I understand it (I'm new to python) the Jira module sits on requests which sits on urllib3. I believe if requests doesn't find the correct certificate then it will fall back to urllib3 which defaults to the window certificate store where the certificate exists. (Ref here)

Do you know what the path to the generic windows certificate store should be, please, so I can make this explicitl?

I did download the correct certificate file and put in C:\temp to try the path method, however that didn't work either.

jira = JIRA(options = {'server': 'https://jira.server.com,'verify':'C:\Temp\certs\certificate(PEM).cer'}, basic_auth=('username', 'password'))

WARNING:root:HTTPSConnectionPool(host='Jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)'))) while doing GET https://jira.server.com/rest/api/2/serverInfo [{'params': None, 'headers': {'User-Agent': 'python-requests/2.19.1', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json,*.*;q=0.9', 'Connection': 'keep-alive', 'Cache-Control': 'no-cache', 'Content-Type': 'application/json', 'X-Atlassian-Token': 'no-check'}}]

WARNING:root:Got ConnectionError [HTTPSConnectionPool(host='Jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)')))] errno:None on GET https://jira.server.com/rest/api/2/serverInfo

{'response': None, 'request': <PreparedRequest [GET]>}\{'response': None, 'request': <PreparedRequest [GET]>}

.....

requests.exceptions.SSLError: HTTPSConnectionPool(host='jira.server.com', port=443): Max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1045)')))

Thanks for your thoughts

Cheers

Simon

I found the problem in the end - I needed to point at the root certificate. Other than that, the solution provided by Edwin was correct. 

Hi All,

I am getting an error with 1st option

'verify':False

2nd option:

Don't know how to get the path for the certificate. Do we need to pass the same string as given below

'/path/to/ca.crt'

Appreciate help in this regard as i am working on automation of some features in JIRA

If you set verify=False, you are asking the requests/adapter module to not add the certificate provided by you.

the default value is 'verify=True'.

Remove the verify option and try it.

no need for cert path, unless you have a dedicated ssl certificate.

Because by default python certifi package has a certificate consist of cumulative root ssl certificates provided by global TLS provider.

hi,

i saw this article concerning  Step by Step how to access the hosted Jira API via python and i think it could help.

from jira import JIRA
jira = jira = JIRA(basic_auth=(un, pwd), options={'server': server})
issue = jira.issue('JRA-9')
.....................

Along with installing Jira-Python plugin, this plugin should also be installed "pip install python-certifi-win32". This worked for me to remove verification SSL error.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Service Management

Announcing Mindville Insight is now part of Jira Service Management!

Hello Community! We’re excited to announce that Mindville Insight’s asset and configuration management capabilities will now be integrated into Jira Service Management Premium and Enterprise plan...

594 views 9 14
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you