question

Akheerainda-0430 avatar image
0 Votes"
Akheerainda-0430 asked saldana-msft edited

SSL error while doing a request for Microsoft graph api

I trying to get integrate Microsoft Graph API into the airflow application docker-compose. And I have a self-signed SSL certificate

  WARNING - Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])"))': /d8c857c0-b2da-48fd-9b28-db5792c0d481/v2.0/.well-known/openid-configuration
 [2021-06-23 10:19:02,870] {taskinstance.py:1396} ERROR - HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /d8c857c0-b2da-48fd-9b28-db5792c0d481/v2.0/.well-known/openid-configuration (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])")))
 Traceback (most recent call last):
   File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 488, in wrap_socket
     cnx.do_handshake()
   File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1934, in do_handshake
     self._raise_ssl_error(self._ssl, result)
   File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1671, in _raise_ssl_error
     _raise_current_error()
   File "/home/airflow/.local/lib/python3.8/site-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
     raise exception_type(errors)
 OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
 During handling of the above exception, another exception occurred:
 Traceback (most recent call last):
   File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 670, in urlopen
     httplib_response = self._make_request(
   File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 381, in _make_request
     self._validate_conn(conn)
   File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 978, in _validate_conn
     conn.connect()
   File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connection.py", line 362, in connect
     self.sock = ssl_wrap_socket(
   File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/util/ssl_.py", line 386, in ssl_wrap_socket
     return context.wrap_socket(sock, server_hostname=server_hostname)
   File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 494, in wrap_socket
     raise ssl.SSLError("bad handshake: %r" % e)

UPDATE: I don't want to ignore certificate validation. How to fix it


microsoft-graph-sdkazure-webapps-ssl-certificates
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered

Make sure that all of your parent certificates are included in the chain. You may also be able to resolve this using the bundled certificates as described here.

If you share your request and the guide you are following I should be able to better assist.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.