Re: [rdflib-dev] SPARQL-Wrapper and SSL certificate validation problem

[Carlos Tejo]

Hi Fabian,

Maybe this link could be useful: https://github.com/RDFLib/sparqlwrapper/issues/56

BTW, do you know the SPARQL endpoint (Fuseki, Virtuoso...) behind https://lindas-data.ch/sparql ?

Best,

Carlos Tejo

On Mon, Mar 18, 2019 at 2:14 PM Fabian Cretton <fabian...@gmail.com> wrote:

Hi,

I had a python code based on SPARQL-Wrapper 1.8.2 that queries an "https" SPARQL end-point.

It worked fine until now.

But since the SSL certificate was updated on that SPARQL end-point last week, I now do get an error:

"urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)"

There seems to be an issue with the CA as a curl was also failing and firefox gave a "SEC_ERROR_UNKNOWN_ISSUER".

My next step was to add the public key of that certificate manually.

I did add the public key to my ubuntu system (new .crt file, update-ca-certificates command), and the curl works now fine.

The public certificate was added to "/etc/ssl/certs/ca-certificates.crt"

However, I did not find a way to get my python script working again, the problem is still there.

I am struggling with this since quiet a few hours, hence asking for your help.

I did try a few things, like:

- writing simple code to access the end-point -> that code fails with the same error as SPARQL-Wrapper

import requests
url = 'https://lindas-data.ch:8443/alod/query'
session = requests.Session()
response = session.get(url)

- making some variables (export) to that .crt file (REQUESTS_CA_BUNDLE, SSL_CERT_FILE, SSL_CERT_DIR)

no change

- installing "certifi", and add my public certificate to the file given by certifi.where(): '/home/fabian/.local/lib/python3.5/site-packages/certifi/cacert.pem'

no change

Would you have any pointer ?

Thank you for your help

Fabian

--
http://github.com/RDFLib
---
You received this message because you are subscribed to the Google Groups "rdflib-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rdflib-dev+...@googlegroups.com.
To post to this group, send email to rdfli...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rdflib-dev/484e55a1-01ca-4593-9b57-5dd2f20fbef7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.