Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Connection issue - accessing CAS in containerized Viya 4 environment from local Python client. #129

Open
SundareshSankaran opened this issue Mar 9, 2022 · 2 comments
Open

Connection issue - accessing CAS in containerized Viya 4 environment from local Python client. #129

SundareshSankaran opened this issue Mar 9, 2022 · 2 comments

Comments

@SundareshSankaran
Copy link

My Python client is a local Jupyter notebook application running on my laptop. On my server, I have published both the HTTP and Binary CAS Node ports and also exposed them as Load Balancers, providing external IPs.

As a first check - I first used swat to access CAS from a Python client on the server - viz. through SAS Studio. Connections to https and bin ports are both successful.

There are two different error messages I get - both are SSL certificate related. The first one is when I connect with the below format ( is the alias for my ingress)

Situation 1 :

os.environ['CAS_CLIENT_SSL_CA_LIST']="trustedcerts.pem"

s = swat.CAS(hostname="<host>/sas-cas-server-default-http", port=443, protocol="https",
              username="user",password=getpass.getpass("Enter password"))

Message (error portion):

SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)

Variants - tried with -bin (cas protocol) and with -client, port=443 and protocol=https

Next, I tried providing a hostname directly, and got the following error (which is a little funny, given that the hostname is actually part of the list of hosts.)

CertificateError: hostname '**10.A.B.C**' doesn't match either of '10.A.B.A', '**10.A.B.C**', 'controller', 'controller.sas-cas-server-default', '......'

I have verified my certificate and it is obtained from the cluster directly in per format.
@sdimos
Copy link

sdimos commented Jun 17, 2022
edited
Loading

Stuck on the same issue:

SSLError: HTTPSConnectionPool(host='<host>.com', port=443): Max retries exceeded with url: /cas-shared-default-http/cas/sessions (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')))

I was provided a .pem file with certificates for viya which I used to set the path for os.environ["CAS_CLIENT_SSL_CA_LIST"] and I added the contents to my Windows CA store to no avail.

@bkemper24
Copy link
Contributor

What version of viya are you trying to connect to ?

What did you use for the hostname in the swat.CAS() function ? for example, are you using the name of the ingress, or the hostname of the cas controller, or something else ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@SundareshSankaran @sdimos @bkemper24