SSL: Certificate verification error on Ubuntu

Bear with me here guys, I am using Flask and I have two different API services running on different IP's and ports on Ubuntu 20.04.3 LTS. All I want to do is send a POST or GET request from one to another using an SSL connection.

  • I am able to create cert and key files with using "sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/name_of_key.key -out /etc/ssl/name_of_crt.crt" command, also added these files here /etc/nginx/sites-enabled/myapi.service in order to have SSL connection.

  • My NGINX file is given below:

    server { listen 60000 ssl; ssl_certificate /etc/ssl/name_of_cert.crt; ssl_certificate_key /etc/ssl/name_of_key.key; server_name IP_ADDRESS; location / { include uwsgi_params; uwsgi_pass unix:/home/first_api/first_api.sock; }} 
  • The problem occurs when I try to send a POST request from one API to another. My code for first API is given below:

    from flask import Flask, jsonify import requests app = Flask(__name__) @app.route('/sample_api_one', methods=['POST', 'GET']) def service(): data = {} data["message"] = "first message has arrived" response = requests.post(' json=data, verify="/etc/ssl/name_of_crt.crt") return jsonify(response.json()) 
  • I know that I can send my request with changing "verify=False" but that's not the thing I want. I would like to send my request with using SSL connection. Almost tried everything here but still not able to do it.

  • Lastly, here is my error code when I try to run my app and send a request:

    File "/home/venv_first_api/lib/python3.8/site-packages/requests/adapters.py", line 514, in send raise SSLError(e, request=request) requests.exceptions.SSLError: HTTPSConnectionPool(host='SECOND_API_IP_ADDRESS', port=57949): Max retries exceeded with url: /second_api (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1131)'))) 
3

Reset to default

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like