SSL Error in api call (works with one server and doesn't with another)

0

I would like to know, To call an API from an application, Is it important who verified the SSL certificate for an internal application? I have two Qlik servers and one of them works with API call correctly and another does not. I explained the error message and the difference between the two machines. Can you tell me if this difference raises that error or I should look for something else?

The Error message which I get from calling qlik API (by pthon) says :

in send raise SSLError(e, request=request) requests.exceptions.SSLError: HTTPSConnectionPool(host='crp-qlik-11.corp.xxxx.ca', port=4242): Max retries exceeded with url: /qrs/task/start/synchronous?name=ReloadTrigger&xrfkey=1234567890123456 (Caused by SSLError(SSLError("bad handshake: SysCallError(10054, 'WSAECONNRESET')")))

I know there is one difference between 2 servers. It's on the SSL certificate. They set up by two different people. Both have a valid SSL certificate but with different properties for verified.

The main difference is on who verified them. They are like this:

website: crp-bisb-02.corp.xxxx.ca verified by: crp-bisb-02.corp.xxxx.ca-CA python result: work correctly

The result of cURL on those Qlik URL is like this:

C:\>curl -v https://crp-bisb-02.corp.xxxx.ca
* Rebuilt URL to: https://crp-bisb-02.corp.xxxx.ca/
* Trying 10.XX.XX.58...
* TCP_NODELAY set
* Connected to crp-bisb-02.corp.xxxx.ca (10.XX.XX.58) port 443 (#0)
* schannel: SSL/TLS connection with crp-bisb-02.corp.xxxx.ca port 443 (step 1/3)
* schannel: checking server certificate revocation
* schannel: sending initial handshake data: sending 189 bytes...
* schannel: sent initial handshake data: sent 189 bytes
* schannel: SSL/TLS connection with crp-bisb-02.corp.xxxx.ca port 443 (step 2/3)
* schannel: failed to receive handshake, need more data
* schannel: SSL/TLS connection with crp-bisb-02.corp.xxxx.ca port 443 (step 2/3)
* schannel: encrypted data got 1817
* schannel: encrypted data buffer: offset 1817 length 4096
* schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.
* Closing connection 0
* schannel: shutting down SSL/TLS connection with crp-bisb-02.corp.xxxx.ca port 443
* schannel: clear security context handle
curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.

website: crp-qlik-11.corp.xxxx.ca verified by: CORP-EnterpriseRootCA python result: raise the error

C:\>curl -v https://crp-qlik-11.corp.xxxx.ca
* Rebuilt URL to: https://crp-qlik-11.corp.xxxx.ca/
* Trying 10.XX.XX.59...
* TCP_NODELAY set
* Connected to crp-qlik-11.corp.xxxx.ca (10.XX.XX.59) port 443 (#0)
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 1/3)
* schannel: checking server certificate revocation
* schannel: sending initial handshake data: sending 189 bytes...
* schannel: sent initial handshake data: sent 189 bytes
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 2/3)
* schannel: failed to receive handshake, need more data
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 2/3)
* schannel: encrypted data got 1911
* schannel: encrypted data buffer: offset 1911 length 4096
* schannel: sending next handshake data: sending 93 bytes...
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 2/3)
* schannel: encrypted data got 51
* schannel: encrypted data buffer: offset 51 length 4096
* schannel: SSL/TLS handshake complete
* schannel: SSL/TLS connection with crp-qlik-11.corp.xxxx.ca port 443 (step 3/3)
* schannel: stored credential handle in session cache
> GET / HTTP/1.1
> Host: crp-qlik-11.corp.xxxx.ca
> User-Agent: curl/7.55.1
> Accept: */*
>
* schannel: client wants to read 102400 bytes
* schannel: encdata_buffer resized 103424
* schannel: encrypted data buffer: offset 0 length 103424
* schannel: encrypted data got 131
* schannel: encrypted data buffer: offset 131 length 103424
* schannel: decrypted data length: 102
* schannel: decrypted data added: 102
* schannel: decrypted data cached: offset 102 length 102400
* schannel: encrypted data buffer: offset 0 length 103424
* schannel: decrypted data buffer: offset 102 length 102400
* schannel: schannel_recv cleanup
* schannel: decrypted data returned 102
* schannel: decrypted data buffer: offset 0 length 102400
< HTTP/1.1 301 Moved Permanently
< Location: https://crp-qlik-11.corp.xxxx.ca/hub/
< Content-Length: 0
<
* Connection #0 to host crp-qlik-11.corp.xxxx.ca left intact
python
api
ssl
curl
ssl-certificate
asked on Stack Overflow Jul 16, 2020 by parvij

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0