Child Item

python3 and API V2: turn off certificate checking?

I'm using python3 and used pip install dropbox.

On my home machine, I use the sample with

dbx.users_get_curent_account()

and it works fine. On the work VPN, I get a stream of exceptions (pasted below) the bottom line is requests is refusing to connect because of "Self signed cretificate in certificate chain". What I would like to do is catch the exception and offer the user a chance to retry without certificate checks. Is this possible with the API V2? I looked at the source of class Dropbox and create_session but can't see anything likely looking.

Thanks in advance

Source/dropbox $ cat demo.py

import dropbox

dbx=dropbox.Dropbox('oLvM1y1OkxIAAAAAAAAEYiHj9UyVA1EME8CGGsxnMp-e2DGlAaqutsyuXejU_k7d')

print( dbx.users_get_current_account() )

Source/dropbox $ py demo.py
Traceback (most recent call last):
  File "C:\Program Files\Python37\lib\site-packages\urllib3\connectionpool.py", line 662, in urlopen
    self._prepare_proxy(conn)
  File "C:\Program Files\Python37\lib\site-packages\urllib3\connectionpool.py", line 948, in _prepare_proxy
    conn.connect()
  File "C:\Program Files\Python37\lib\site-packages\urllib3\connection.py", line 394, in connect
    ssl_context=context,
  File "C:\Program Files\Python37\lib\site-packages\urllib3\util\ssl_.py", line 370, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "C:\Program Files\Python37\lib\ssl.py", line 423, in wrap_socket
    session=session
  File "C:\Program Files\Python37\lib\ssl.py", line 870, in _create
    self.do_handshake()
  File "C:\Program Files\Python37\lib\ssl.py", line 1139, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1076)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Program Files\Python37\lib\site-packages\requests\adapters.py", line 449, in send
    chunked=chunked
  File "C:\Program Files\Python37\lib\site-packages\urllib3\connectionpool.py", line 720, in urlopen
    method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
  File "C:\Program Files\Python37\lib\site-packages\urllib3\util\retry.py", line 436, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='api.dropboxapi.com', port=443): Max retries exceeded with url: /2/users/get_current_account (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1076)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "demo.py", line 6, in <module>
    print( dbx.users_get_current_account() )
  File "C:\Program Files\Python37\lib\site-packages\dropbox\base.py", line 5069, in users_get_current_account
    None,
  File "C:\Program Files\Python37\lib\site-packages\dropbox\dropbox.py", line 274, in request
    timeout=timeout)
  File "C:\Program Files\Python37\lib\site-packages\dropbox\dropbox.py", line 365, in request_json_string_with_retry
    timeout=timeout)
  File "C:\Program Files\Python37\lib\site-packages\dropbox\dropbox.py", line 449, in request_json_string
    timeout=timeout,
  File "C:\Program Files\Python37\lib\site-packages\requests\sessions.py", line 578, in post
    return self.request('POST', url, data=data, json=json, **kwargs)
  File "C:\Program Files\Python37\lib\site-packages\requests\sessions.py", line 530, in request
    resp = self.send(prep, **send_kwargs)
  File "C:\Program Files\Python37\lib\site-packages\requests\sessions.py", line 643, in send
    r = adapter.send(request, **kwargs)
  File "C:\Program Files\Python37\lib\site-packages\requests\adapters.py", line 469, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='api.dropboxapi.com', port=443): Max retries exceeded with url: /2/users/get_current_account (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1076)')))

Find more posts tagged with

API

Abuse

Comments

sweavo

... and yes, duh, I pasted my token. I've revoked it.

Greg-DB

I don't believe the Dropbox Python SDK offers such an option, but I either way I would strongly recommend against disabling certificate checking anyway.

sweavo

Alternatively, getting to add a trusted root certificate would work too. requests can do this, and requests is used under the hood, I'm looking for a way to set up requests under the dropbox module.

Greg-DB

The Dropbox Python SDK does use the requests library. You can find where it's imported and used here and here. The trusted certificates are loaded from this file at this point in the code. You could potentially modify that file or code, though I should reiterate again that as a matter of security we do not recommend doing so.