Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL CERTIFICATE_VERIFY_FAILED issue when connecting to websocket (switch on/off) #21

Open
marcinlubojanski opened this issue Apr 13, 2020 · 2 comments
Open

SSL CERTIFICATE_VERIFY_FAILED issue when connecting to websocket (switch on/off) #21

marcinlubojanski opened this issue Apr 13, 2020 · 2 comments

Comments

@marcinlubojanski
Copy link

I was getting following error:
Traceback (most recent call last): File "./sonoff_test.py", line 12, in <module> s.switch('off', device_id, None) File "/opt/lib/python3.6/site-packages/sonoff/sonoff.py", line 255, in switch self._ws = self._get_ws() File "/opt/lib/python3.6/site-packages/sonoff/sonoff.py", line 219, in _get_ws self._ws = create_connection(('wss://{}:8080/api/ws'.format(self._wshost)), timeout=10) File "/opt/lib/python3.6/site-packages/websocket/_core.py", line 515, in create_connection websock.connect(url, **options) File "/opt/lib/python3.6/site-packages/websocket/_core.py", line 223, in connect options.pop('socket', None)) File "/opt/lib/python3.6/site-packages/websocket/_http.py", line 127, in connect sock = _ssl_socket(sock, options.sslopt, hostname) File "/opt/lib/python3.6/site-packages/websocket/_http.py", line 264, in _ssl_socket sock = _wrap_sni_socket(sock, sslopt, hostname, check_hostname) File "/opt/lib/python3.6/site-packages/websocket/_http.py", line 243, in _wrap_sni_socket server_hostname=hostname, File "/opt/lib/python2.7/ssl.py", line 363, in wrap_socket File "/opt/lib/python2.7/ssl.py", line 611, in __init__ File "/opt/lib/python2.7/ssl.py", line 840, in do_handshake ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] unknown error (_ssl.c:661)

I have fixed it by modifying _get_ws method.

instead of create_connection I use those 2 lines:
self._ws = websocket.WebSocket(sslopt={"cert_reqs": ssl.CERT_NONE}) self._ws.connect('wss://{}:8080/api/ws'.format(self._wshost)) #self._ws = create_connection(('wss://{}:8080/api/ws'.format(self._wshost)), timeout=10)

it requires also import ssl and import websocket
@lucien2k
Copy link
Owner

Very odd, the SSL certificates for the endpoints look ok (they are valid until september as far as I can see). I wonder if your root certs are out of date?

Do you have cacert package installed? and is it up to date?

@marcinlubojanski
Copy link
Author

You were right, root certificates were missing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lucien2k @marcinlubojanski