JIRA Python Connection Over HTTPS

I just upgraded the JIRA Python module from 0.32 to 1.0.7. (Duplicated the virtenv first, then did the upgrade.) My main JIRA Python script connects to our JIRA server over HTTPS, but, because it uses a cert signed by our internal CA, I have it disable verification. When I run the script, I get a bunch of these warnings:

/Users/foo/python-virtualenvs/new-jira-ve/lib/python2.7/site-packages/requests/packages/urllib3/connectionpool.py:843: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

Longterm, I would like to figure out how to add our internal CA to whatever CA store that the validator is using, but for the time being, I'd just like to turn off these warnings. Going to the urllib3 URL explains how to fix the problem, but if I add 

import urllib3

to my script, I still get the above warnings.

Judging from the path of the above warning, I suspect that the JIRA module is using requests, which is using an embedded urllib3 module. Is there a way to pass call the disable_warnings() method from the embedded-in-requests urllib3 library or is there a better way to handle this? 

(And even better, anyone have a suggestion for how to tell the validator to use our internal-only CA cert to validate the connection to our JIRA server?) 

2 answers

2 accepted

2 votes
Accepted answer

Having a conversation with myself here, but since I keep coming across this page when searching for other solutions, I might as well share my solution here.


That above line to the requests 2.13.0 documentation explains that you can set the verify parameter to True, False, or the path to the CA bundle

Huh. The JIRA object can be passed an options dict. They pydoc for JIRA defines verify:

 * verify -- Verify SSL certs. Defaults to ``True``.

I had been using that to turn off server cert validation, so it was already set to False. For shiggles, I tried setting it to the path to my CA's cert file:

jira = JIRA(options={'server':'https://jira.example.org', 'verify':'/path/to/ca.crt'}, basic_auth=(user, password))

Viola! It worked! I now have a verified secure connection to my JIRA server using a cert signed by my internal CA.

Thank you for your

a conversation with myself

For an test env I just used


not for productive env but helpful fora test .

0 votes
Accepted answer

Don't know about squelching the warnings yet, but for being able to provide our own CA cert, I can use the REQUESTS_CA_BUNDLE environmental variable and point it to the CA cert PEM file as such:

REQUESTS_CA_BUNDLE=~/CAfile.pem ./script.py

Of course, that pulls the thread a little further, with urllib3 now complaining about the server cert missing SubjectAltName, but I know how do deal with that... 

Still, I'd like to know how to squelch the warnings or even better, do what REQUESTS_CA_BUNDLE is doing, but from within my script so that I won't have to remember to use this envvar every time.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published 15 hours ago in Jira

How you can achieve compact and easy-to-maintain workflows in your JIRA( Server)

This approach requires you to have the JIRA administrative rights. The main aim of this article is to help you achieve an organized, easy-to-maintain workflows in your JIRA instance thereby, reducin...

147 views 0 0
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you