I am running a localhost application on flask. I created a self signed certificate and imported it to the trusted root certification authorities in google chrome. Below are images showing after effect of trusting these certificates. However, whenever i browse to the localhost site, i am still met with the not secure tag.
Related
I am running python 3.9.1 I have some Django Admin Actions which create and then download some PDFs. When running this on my local machine (Windows 10) I have recently started getting the following error message:
SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:1123)
Any ideas on how I can deal with this? The Django app works perfectly on the server, the problem is only on my local host.
In my case, I was interacting with IoT (Internet of Things) device APIs and had a LetsEncrypt certificate that expired. I downloaded the new LetsEncrypt cert at: https://valid-isrgrootx1.letsencrypt.org/
More explanation:
My error occurred on a Windows Python client requesting API information from an IoT web server. I determined which client certificate was expired by viewing existing certificates dates in Windows:
Open Powershell as admin, then: Get-Childitem cert:\LocalMachine\root |format-list
The expired cert was owned by LetsEncrypt. More information about the expired cert: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/.
In my case, the LetsEncrypt root certificate expired at the end of September and was replaced with the newer cert going forward. To implement the new cert, visit any webpage that uses that certificate from your failing client. In the case of LetsEncrypt, visit their cert demo page at: https://valid-isrgrootx1.letsencrypt.org/, and your certificate store will update automatically.
I have a flask API which is running on a google VM instance but currently it is running on http. So for instance, http://36.137.283.44:5000/get_values is the url for one endpoint where 36.137.283.44 is the external IP of the VM instance and 5000 is the port. I just want to the http to become https.
I've seen some answers which use load balancers and others which add ssl related code in the app.py file itself but neither seem to work.
You need to have the SSL certificate to run flask on https.
Once you have the private key and certificate pem files for the SSL.
Copy it to the folder where you are the running the python API. Say you copied over the cert.pem and key.pem, to the API code folder then change the API code for the following line to below.
application.run(host="0.0.0.0",
port=5000,
debug=True,
ssl_context=("cert.pem", "key.pem"))
If you hit the IP after this you might get safety error as the certificate is issued for a certain domain name, try calling with the same.
I am stuck on this step of the APNs (Apple Push Notification) process. I have app-specific certificates and keys from developer.apple.com that work fine for a local dev server on my OSX system, but on my RHEL based OpenShift cloud servers they don't seem to work. There is this cryptic step from Apple's documentation.
https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/CommunicatingWIthAPS.html#//apple_ref/doc/uid/TP40008194-CH101-SW1
Note: To establish a TLS session with APNs, an Entrust Secure CA root certificate must be installed on the provider’s server. If the server is running OS X, this root certificate is already in the keychain. On other systems, the certificate might not be available. You can download this certificate from the Entrust SSL Certificates website.
I did obtain said certificate, as both a .der and .cer from this site.
https://www.entrust.net/downloads/root_request.cfm#
Now where do I put them? I am running a Django app (might switch in the future, but a separate topic) on OpenShift.
If you want to send apple push notifications from a shared server or PaaS , you will probably have to use a third party such as http://urbanairship.com/.
Is it possible to start a selenium PhantomJS session with a specific certificate?
Right now if I run it with PhantomJS I get Missing certficate. Adding --ignore-ssl-errors is not an option, this site needs the certificate.
I can use Chrome or Firefox and install the certificate first and then call webdriver.Chrome() and it will work, but is it possible to do this with PhantomJS?
I assume that you mean the use of client certificates, not the specification of other trusted CAs for validation of the servers certificate. Client certificates are not implemented (see what is the correct way to feed an ssl certificate into phantomjs) while different trusted CA can be specified with the --ssl-certificates-path option.
I am a client to a secured HTTPS server who has issued to me a password protected .pfx certificate to identify me to its system every-time. Using browser where I have installed the certificate (apparently only IE6 and previous versions works) i am able to log in and upload a file which i need to do on a daily basis. Right now am trying to write a Python script to do the same task and I am not sure if it is doable this way.
I am trying to use python mechanize library to connect to the server.
Using OpenSSL I have broken down the .pfx file into .key and .cer PEM files.
And I am using them as certificate for my python script.
Here is my code snippet
br = mechanize.Browser()
br.add_client_certificate(host,"I:/Key.key","I:/certificate.crt:")
whatever I tried it throws various SSL exception .. namely
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_PrivateKey_file
Can anyone please tell me what possibly I could be doing wrong or if at all this is not the right approach.
I was able to get rid of errors by ways described in this link.
It didn't solve my purpose though because the server I was trying to connect is a IIS based server and it only accepts .pfx certificates.