
Hello, we are facing an SSL issue while trying to connect to Cognite, even though we are disabling SSL verification.

Could you please help ?

from cognite.client import ClientConfig, CogniteClient
from cognite.client.credentials import OAuthClientCredentials
from cognite.client.config import global_config
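# Disables TLS certificate verification in the SDK (the stated intent of this
# post). Without verification the client cannot authenticate the server it is
# talking to, and these requests carry OAuth credentials and bearer tokens, so
# treat this as a short-lived diagnostic, not a configuration to keep.
# The traceback in this post fails inside urllib3's _prepare_proxy with
# "unable to get local issuer certificate", and the thread later confirms the
# proxy as the cause. The durable fix is to make the proxy's issuing CA trusted
# (for example a CA bundle supplied through REQUESTS_CA_BUNDLE) and leave
# verification on.
# NOTE(review): the post reports that this flag had no effect. Whether the SDK
# reads it only when it first builds its HTTP session is not visible here; in a
# long-lived notebook kernel, confirm it is set before any client is created.
global_config.disable_ssl = True

# Credential values were blanked in the post. Supply them from the environment
# or a secret store rather than committing them to a notebook.
creds = OAuthClientCredentials(
    client_id="",
    client_secret="",
    token_url="",
    # scopes is a list; the pasted snippet had lost its opening bracket,
    # which made the literal a syntax error.
    scopes=["https://westeurope-1.cognitedata.com/.default"],
)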
def get_cognite_client(project: str) -> CogniteClient:
    """Return a CogniteClient for *project* on the westeurope-1 base URL.

    Authentication uses the module-level ``creds`` object.
    """
    config = ClientConfig(
        client_name="Python-jupyter",
        project=project,
        credentials=creds,
        base_url="https://westeurope-1.cognitedata.com",
    )
    return CogniteClient(config)
# Build a client for the sandbox project and load the unit catalogue into a
# DataFrame. The units.list() call is where the traceback in this post is raised.
client = get_cognite_client("totalenergies-sandbox")
unit_list = client.units.list()
res = unit_list.to_pandas()

--------------------------------------------------------------------------------------------

SSLCertVerificationError Traceback (most recent call last)
File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\connectionpool.py:775, in HTTPConnectionPool.urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, body_pos, preload_content, decode_content, **response_kw)
774 try:
--> 775 self._prepare_proxy(conn)
776 except (BaseSSLError, OSError, SocketTimeout) as e:

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\connectionpool.py:1044, in HTTPSConnectionPool._prepare_proxy(self, conn)
1038 conn.set_tunnel(
1039 scheme=tunnel_scheme,
1040 host=self._tunnel_host,
1041 port=self.port,
1042 headers=self.proxy_headers,
1043 )
-> 1044 conn.connect()

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\connection.py:652, in HTTPSConnection.connect(self)
650 server_hostname_rm_dot = server_hostname.rstrip(".")
--> 652 sock_and_verified = _ssl_wrap_socket_and_match_hostname(
653 sock=sock,
654 cert_reqs=self.cert_reqs,
655 ssl_version=self.ssl_version,
656 ssl_minimum_version=self.ssl_minimum_version,
657 ssl_maximum_version=self.ssl_maximum_version,
658 ca_certs=self.ca_certs,
659 ca_cert_dir=self.ca_cert_dir,
660 ca_cert_data=self.ca_cert_data,
661 cert_file=self.cert_file,
662 key_file=self.key_file,
663 key_password=self.key_password,
664 server_hostname=server_hostname_rm_dot,
665 ssl_context=self.ssl_context,
666 tls_in_tls=tls_in_tls,
667 assert_hostname=self.assert_hostname,
668 assert_fingerprint=self.assert_fingerprint,
669 )
670 self.sock = sock_and_verified.socket

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\connection.py:805, in _ssl_wrap_socket_and_match_hostname(sock, cert_reqs, ssl_version, ssl_minimum_version, ssl_maximum_version, cert_file, key_file, key_password, ca_certs, ca_cert_dir, ca_cert_data, assert_hostname, assert_fingerprint, server_hostname, ssl_context, tls_in_tls)
803 server_hostname = normalized
--> 805 ssl_sock = ssl_wrap_socket(
806 sock=sock,
807 keyfile=key_file,
808 certfile=cert_file,
809 key_password=key_password,
810 ca_certs=ca_certs,
811 ca_cert_dir=ca_cert_dir,
812 ca_cert_data=ca_cert_data,
813 server_hostname=server_hostname,
814 ssl_context=context,
815 tls_in_tls=tls_in_tls,
816 )
818 try:

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\util\ssl_.py:465, in ssl_wrap_socket(sock, keyfile, certfile, cert_reqs, ca_certs, server_hostname, ssl_version, ciphers, ssl_context, ca_cert_dir, key_password, ca_cert_data, tls_in_tls)
463 pass
--> 465 ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls, server_hostname)
466 return ssl_sock

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\util\ssl_.py:509, in _ssl_wrap_socket_impl(sock, ssl_context, tls_in_tls, server_hostname)
507 return SSLTransport(sock, ssl_context, server_hostname)
--> 509 return ssl_context.wrap_socket(sock, server_hostname=server_hostname)

File ~\AppData\Local\anaconda3\Lib\ssl.py:455, in SSLContext.wrap_socket(self, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, session)
449 def wrap_socket(self, sock, server_side=False,
450 do_handshake_on_connect=True,
451 suppress_ragged_eofs=True,
452 server_hostname=None, session=None):
453 # SSLSocket class handles server_hostname encoding before it calls
454 # ctx._wrap_socket()
--> 455 return self.sslsocket_class._create(
456 sock=sock,
457 server_side=server_side,
458 do_handshake_on_connect=do_handshake_on_connect,
459 suppress_ragged_eofs=suppress_ragged_eofs,
460 server_hostname=server_hostname,
461 context=self,
462 session=session
463 )

File ~\AppData\Local\anaconda3\Lib\ssl.py:1042, in SSLSocket._create(cls, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, context, session)
1041 raise ValueError("do_handshake_on_connect should not be specified for non-blocking sockets")
-> 1042 self.do_handshake()
1043 except:

File ~\AppData\Local\anaconda3\Lib\ssl.py:1320, in SSLSocket.do_handshake(self, block)
1319 self.settimeout(None)
-> 1320 self._sslobj.do_handshake()
1321 finally:

SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1000)

During handling of the above exception, another exception occurred:

SSLError Traceback (most recent call last)
File ~\AppData\Local\anaconda3\Lib\site-packages\requests\adapters.py:589, in HTTPAdapter.send(self, request, stream, timeout, verify, cert, proxies)
588 try:
--> 589 resp = conn.urlopen(
590 method=request.method,
591 url=url,
592 body=request.body,
593 headers=request.headers,
594 redirect=False,
595 assert_same_host=False,
596 preload_content=False,
597 decode_content=False,
598 retries=self.max_retries,
599 timeout=timeout,
600 chunked=chunked,
601 )
603 except (ProtocolError, OSError) as err:

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\connectionpool.py:843, in HTTPConnectionPool.urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, body_pos, preload_content, decode_content, **response_kw)
841 new_e = ProtocolError("Connection aborted.", new_e)
--> 843 retries = retries.increment(
844 method, url, error=new_e, _pool=self, _stacktrace=sys.exc_info()[2]
845 )
846 retries.sleep()

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\util\retry.py:449, in Retry.increment(self, method, url, response, error, _pool, _stacktrace)
447 if self.total is False and error:
448 # Disabled, indicate to re-raise the error.
--> 449 raise reraise(type(error), error, _stacktrace)
451 total = self.total

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\util\util.py:38, in reraise(tp, value, tb)
37 if value.__traceback__ is not tb:
---> 38 raise value.with_traceback(tb)
39 raise value

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\connectionpool.py:775, in HTTPConnectionPool.urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, body_pos, preload_content, decode_content, **response_kw)
774 try:
--> 775 self._prepare_proxy(conn)
776 except (BaseSSLError, OSError, SocketTimeout) as e:

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\connectionpool.py:1044, in HTTPSConnectionPool._prepare_proxy(self, conn)
1038 conn.set_tunnel(
1039 scheme=tunnel_scheme,
1040 host=self._tunnel_host,
1041 port=self.port,
1042 headers=self.proxy_headers,
1043 )
-> 1044 conn.connect()

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\connection.py:652, in HTTPSConnection.connect(self)
650 server_hostname_rm_dot = server_hostname.rstrip(".")
--> 652 sock_and_verified = _ssl_wrap_socket_and_match_hostname(
653 sock=sock,
654 cert_reqs=self.cert_reqs,
655 ssl_version=self.ssl_version,
656 ssl_minimum_version=self.ssl_minimum_version,
657 ssl_maximum_version=self.ssl_maximum_version,
658 ca_certs=self.ca_certs,
659 ca_cert_dir=self.ca_cert_dir,
660 ca_cert_data=self.ca_cert_data,
661 cert_file=self.cert_file,
662 key_file=self.key_file,
663 key_password=self.key_password,
664 server_hostname=server_hostname_rm_dot,
665 ssl_context=self.ssl_context,
666 tls_in_tls=tls_in_tls,
667 assert_hostname=self.assert_hostname,
668 assert_fingerprint=self.assert_fingerprint,
669 )
670 self.sock = sock_and_verified.socket

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\connection.py:805, in _ssl_wrap_socket_and_match_hostname(sock, cert_reqs, ssl_version, ssl_minimum_version, ssl_maximum_version, cert_file, key_file, key_password, ca_certs, ca_cert_dir, ca_cert_data, assert_hostname, assert_fingerprint, server_hostname, ssl_context, tls_in_tls)
803 server_hostname = normalized
--> 805 ssl_sock = ssl_wrap_socket(
806 sock=sock,
807 keyfile=key_file,
808 certfile=cert_file,
809 key_password=key_password,
810 ca_certs=ca_certs,
811 ca_cert_dir=ca_cert_dir,
812 ca_cert_data=ca_cert_data,
813 server_hostname=server_hostname,
814 ssl_context=context,
815 tls_in_tls=tls_in_tls,
816 )
818 try:

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\util\ssl_.py:465, in ssl_wrap_socket(sock, keyfile, certfile, cert_reqs, ca_certs, server_hostname, ssl_version, ciphers, ssl_context, ca_cert_dir, key_password, ca_cert_data, tls_in_tls)
463 pass
--> 465 ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls, server_hostname)
466 return ssl_sock

File ~\AppData\Local\anaconda3\Lib\site-packages\urllib3\util\ssl_.py:509, in _ssl_wrap_socket_impl(sock, ssl_context, tls_in_tls, server_hostname)
507 return SSLTransport(sock, ssl_context, server_hostname)
--> 509 return ssl_context.wrap_socket(sock, server_hostname=server_hostname)

File ~\AppData\Local\anaconda3\Lib\ssl.py:455, in SSLContext.wrap_socket(self, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, session)
449 def wrap_socket(self, sock, server_side=False,
450 do_handshake_on_connect=True,
451 suppress_ragged_eofs=True,
452 server_hostname=None, session=None):
453 # SSLSocket class handles server_hostname encoding before it calls
454 # ctx._wrap_socket()
--> 455 return self.sslsocket_class._create(
456 sock=sock,
457 server_side=server_side,
458 do_handshake_on_connect=do_handshake_on_connect,
459 suppress_ragged_eofs=suppress_ragged_eofs,
460 server_hostname=server_hostname,
461 context=self,
462 session=session
463 )

File ~\AppData\Local\anaconda3\Lib\ssl.py:1042, in SSLSocket._create(cls, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, context, session)
1041 raise ValueError("do_handshake_on_connect should not be specified for non-blocking sockets")
-> 1042 self.do_handshake()
1043 except:

File ~\AppData\Local\anaconda3\Lib\ssl.py:1320, in SSLSocket.do_handshake(self, block)
1319 self.settimeout(None)
-> 1320 self._sslobj.do_handshake()
1321 finally:

SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1000)

During handling of the above exception, another exception occurred:

SSLError Traceback (most recent call last)
File ~\AppData\Local\anaconda3\Lib\site-packages\cognite\client\_http_client.py:185, in HTTPClient._do_request(self, method, url, data, headers, timeout, params, stream, allow_redirects)
184 try:
--> 185 res = self.session.request(
186 method=method,
187 url=url,
188 data=data,
189 headers=headers,
190 timeout=timeout,
191 params=params,
192 stream=stream,
193 allow_redirects=allow_redirects,
194 )
195 return res

File ~\AppData\Local\anaconda3\Lib\site-packages\requests\sessions.py:589, in Session.request(self, method, url, params, data, headers, cookies, files, auth, timeout, allow_redirects, proxies, hooks, stream, verify, cert, json)
588 send_kwargs.update(settings)
--> 589 resp = self.send(prep, **send_kwargs)
591 return resp

File ~\AppData\Local\anaconda3\Lib\site-packages\requests\sessions.py:703, in Session.send(self, request, **kwargs)
702 # Send the request
--> 703 r = adapter.send(request, **kwargs)
705 # Total elapsed time of the request (approximately)

File ~\AppData\Local\anaconda3\Lib\site-packages\requests\adapters.py:633, in HTTPAdapter.send(self, request, stream, timeout, verify, cert, proxies)
631 if isinstance(e, _SSLError):
632 # This branch is for urllib3 versions earlier than v1.22
--> 633 raise SSLError(e, request=request)
634 elif isinstance(e, ReadTimeoutError):

SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1000)

The above exception was the direct cause of the following exception:

CogniteConnectionError Traceback (most recent call last)
Cell In[80], line 23
14 return CogniteClient(
15 ClientConfig(
16 client_name="Python-jupyter",
(...)
20 )
21 )
22 client = get_cognite_client("totalenergies-sandbox")
---> 23 res = client.units.list().to_pandas()

File ~\AppData\Local\anaconda3\Lib\site-packages\cognite\client\_api\units.py:222, in UnitAPI.list(self)
208 def list(self) -> UnitList:
209 """`List all supported units <https://developer.cognite.com/api#tag/Units/operation/listUnits>`_
210
211 Returns:
(...)
220 >>> res = client.units.list()
221 """
--> 222 return self._list(method="GET", list_cls=UnitList, resource_cls=Unit)

File ~\AppData\Local\anaconda3\Lib\site-packages\cognite\client\_api_client.py:653, in APIClient._list(self, method, list_cls, resource_cls, resource_path, url_path, limit, filter, other_params, partitions, sort, headers, initial_cursor, advanced_filter, api_subversion, settings_forcing_raw_response_loading)
646 # TODO: List generator loads each chunk into 'list_cls', so kind of weird for us to chain
647 # elements, then do it again. Perhaps a modified version of 'raw responses' should be used:
648 resource_fetcher = cast(
649 Iterator[T_CogniteResourceList],
650 self._list_generator(method, list_cls, resource_cls, **fetch_kwargs), # type: ignore [arg-type]
651 )
652 return list_cls(
--> 653 list(itertools.chain.from_iterable(resource_fetcher)),
654 cognite_client=self._cognite_client,
655 )

File ~\AppData\Local\anaconda3\Lib\site-packages\cognite\client\_api_client.py:456, in APIClient._list_generator(self, method, list_cls, resource_cls, resource_path, url_path, limit, chunk_size, filter, sort, other_params, partitions, headers, initial_cursor, advanced_filter, api_subversion)
454 params.update(limit=current_limit, cursor=next_cursor)
455 if method == "GET":
--> 456 res = self._get(url_path=url_path, params=params, headers=headers)
457 else:
458 res = self._post(url_path=url_path, json=params, headers=headers, api_subversion=api_subversion)

File ~\AppData\Local\anaconda3\Lib\site-packages\cognite\client\_api_client.py:166, in APIClient._get(self, url_path, params, headers)
163 def _get(
164 self, url_path: str, params: dict[str, Any] | None = None, headers: dict[str, Any] | None = None
165 ) -> Response:
--> 166 return self._do_request("GET", url_path, params=params, headers=headers, timeout=self._config.timeout)

File ~\AppData\Local\anaconda3\Lib\site-packages\cognite\client\_api_client.py:234, in APIClient._do_request(self, method, url_path, accept, api_subversion, **kwargs)
231 kwargs.setdefault("allow_redirects", False)
233 if is_retryable:
--> 234 res = self._http_client_with_retry.request(method=method, url=full_url, **kwargs)
235 else:
236 res = self._http_client.request(method=method, url=full_url, **kwargs)

File ~\AppData\Local\anaconda3\Lib\site-packages\cognite\client\_http_client.py:159, in HTTPClient.request(self, method, url, data, headers, timeout, params, stream, allow_redirects)
157 retry_tracker.connect += 1
158 if not retry_tracker.should_retry(status_code=None, is_auto_retryable=True):
--> 159 raise e
161 # During a backoff loop, our credentials might expire, so we check and maybe refresh:
162 time.sleep(retry_tracker.get_backoff_time())

File ~\AppData\Local\anaconda3\Lib\site-packages\cognite\client\_http_client.py:128, in HTTPClient.request(self, method, url, data, headers, timeout, params, stream, allow_redirects)
126 while True:
127 try:
--> 128 res = self._do_request(
129 method=method,
130 url=url,
131 data=data,
132 headers=headers,
133 timeout=timeout,
134 params=params,
135 stream=stream,
136 allow_redirects=allow_redirects,
137 )
138 if accepts_json:
139 # Cache .json() return value in order to avoid redecoding JSON if called multiple times
140 res.json = functools.lru_cache(maxsize=1)(res.json) # type: ignore[assignment]

File ~\AppData\Local\anaconda3\Lib\site-packages\cognite\client\_http_client.py:212, in HTTPClient._do_request(self, method, url, data, headers, timeout, params, stream, allow_redirects)
210 if self._any_exception_in_context_isinstance(e, ConnectionRefusedError):
211 raise CogniteConnectionRefused from e
--> 212 raise CogniteConnectionError from e
213 raise e

CogniteConnectionError:

 

Hi Amanie,

I have a few questions about the SSL problem you've reported:

  1. Which OS (looks like Linux or Mac?)
  2. Which CDF SDK version?
  3. Which exact Python version?
  4. Did your code run successfully before, or is this the first time on this machine?
  5. Do you have a chance to run it from another machine to compare?
  6. Is the machine -- running the code -- in a protected intranet, and communicates through HTTP proxies, or protected through a firewall?

There are three topics I would like to understand with your help:

  1. Is it a Python SSL issue, like missing certificates
  2. Is it a network issue (firewall, proxy, ..)
  3. Why the CogniteClient ignores the ssl-disable flag

Thank you for sharing more details

With regards

Peter

(=PA=)


Hello Peter, 

 

Thank you for your answer. Indeed, the problem comes from our proxy.

 

Kind regards

