CAS - Apache - SSL error

[clara]

Hello,

I am using Web2Py with Python 3.7. I have 2 web2py applications one is the CAS provider and the other is a CAS client.

This works without problems with rocket server in development environment.

Now, I need to run these apps under Apache / Windows operating system, I have both apps in the applications folder. The server is already serving other applications with a valid Let's Encrypt certificate.

When I run the CAS Client application it tries to redirect to the CAS Server application for authentication and then I get the SSL error:

urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)>

What is the best solution to this? Since these requests go within the local server, should I have a self-signed certificate to avoid the SSL error?And if so, how do I register this certificate to have urllib handle it? I have looked into certifi's PEM file. Do I need to edit this file?

Alternatively, could I use the non-localhost link (internet link) and have urllib validate using the Let's encrypt certificate in place? Is Let's encrypt among certificate authorities for urrllib? or python SSL environment? I think going internally should be a better solution though.

I look forward to some guidance. Thank you,

Clara

[rodrig...@gmail.com]

Hello, Clara!

I have the same problem.

However I am running W2P by rocket with self-signed certificates. And yes, you can use a self-signed certificate locally or you can try to generate one with the certbot.

I have an article talking about it (in Portuguese) where I explain how to use Apache with certificates here.

But regarding the cas_provider problem I am still the same.