I have no idea - it's your server, it's not airflow's store is the machine's store you are running it on. Just follow the link and maybe look for other sources, sorry I am not able to help you to manage your own machine :). I think you should learn how to do it anyway.
J. On Thu, Aug 19, 2021 at 10:10 AM Dhiddi Sunil <[email protected]> wrote: > Thank you Potiuk, > > > > > > However application team provided some location/links to download the > certificates and saying that to install on your applications trust store? > (Please download the certificate and install on your application’s trust > store. ) > > > > > > > > Example https://... , when I click on those links its asking to install > on local machine, > > > > I am confused how to install those on airflow webserver. > > > > > > > > > > > > *From:* Jarek Potiuk <[email protected]> > *Sent:* Wednesday, August 18, 2021 9:22 PM > *To:* [email protected] > *Cc:* [email protected] > *Subject:* Re: SSLCertVerificationError while invoking API from AIRFLOW > > > > This has nothing to do with Airflow. It's about which certificates are > used by the `requests` library. > > > > You need to configure your system that airflow is installed at to include > the right certificates. Just googled it and seems that this thread has many > ideas you can try: > https://stackoverflow.com/questions/10667960/python-requests-throwing-sslerror > > > It also includes the command you can run on your system without involving > airflow, so you can test and iterate quickly on it. > > > > Good luck :) > > > > J. > > > > On Wed, Aug 18, 2021 at 5:32 PM Dhiddi Sunil <[email protected]> > wrote: > > > > Hi Team, > > > > Can someone please advice, > > > > > > we are facing an issue "SSLCertVerificationError" when we are running > load balancer by invoking web api using request.get method from airflow. > > > > Here is the example > > requests.get(https://odisstgbk.abc.com/....,verify=False) > > > > Error Message : > > HTTPSConnectionPool(host='odisstgbk.abc.com', port=443): Max retries > exceeded with url: > /odis/sendEmail?processId=af894c13-77b5-4d9b-98bf-24833f16a8e8&status=FAILED&mails=venkatesh_gurram% > 40optum.com (Caused by SSLError(SSLCertVerificationError(1, '[SSL: > CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed > certificate in certificate chain (_ssl.c:1076)'))). > > Though we are adding verify=False parameter we are getting same issue. > > > > Please help us to resolve this issue ASAP. > > > > The certificate applied to odisstgbk.abc.com is an abcCA signed > certificate that is valid until 7/29/2022. > > Please ensure you have the abcCA root certificates in your trust store > (contact Certificate Services team if you need them). > > If you need the certificate changed from abc CA to Comodo CA, the VIP > owner will need to submit a request through the API system (as the VIP is > in OSFI) to change the certificate type. > > > > > > > > > > I found below 2 n cfg file, what exactly I need to fill for below two in > cfg file ? > > > > > > # Paths to the SSL certificate and key for the web server. When both are # > provided SSL will be enabled. This does not change the web server port. > > web_server_ssl_cert = > > # Paths to the SSL certificate and key for the web server. When both are # > provided SSL will be enabled. This does not change the web server port. > > web_server_ssl_key = > > > This e-mail, including attachments, may include confidential and/or > proprietary information, and may be used only by the person or entity > to which it is addressed. If the reader of this e-mail is not the intended > recipient or his or her authorized agent, the reader is hereby notified > that any dissemination, distribution or copying of this e-mail is > prohibited. If you have received this e-mail in error, please notify the > sender by replying to this message and delete this e-mail immediately. > > > > > -- > > +48 660 796 129 > > > This e-mail, including attachments, may include confidential and/or > proprietary information, and may be used only by the person or entity > to which it is addressed. If the reader of this e-mail is not the intended > recipient or his or her authorized agent, the reader is hereby notified > that any dissemination, distribution or copying of this e-mail is > prohibited. If you have received this e-mail in error, please notify the > sender by replying to this message and delete this e-mail immediately. > -- +48 660 796 129
