Rally - On-premises: SSL certificate verification failed when using pyral
search cancel

Rally - On-premises: SSL certificate verification failed when using pyral

book

Article ID: 57515

calendar_today

Updated On:

Products

Rally On-Premise Rally SaaS

Issue/Introduction

A user gets pyral.context.RallyRESTAPIError: SSL certificate verification failed error when using CA Agile Central Rest Toolkit for Python.

Environment

Release:
Component: ACPREM

Resolution

SSL certificates use a chain of trust, where each certificate is signed by a higher, more credible certificate. At the top of the chain of trust are the root certificates, owned by Verisign, DigiCert, Thawte and other certificate authorities.

When using a self-signed certificate, there is no chain of trust. A web browser will issue a warning when a web site certificate cannot be verified, but the user can dismiss the warning and it will not appear again.

Rally on-premises comes with a self-signed certificate that will cause this error if using pyral so we have to explicitly disable the verification in the code using verify_ssl_cert=False


rally = CA Agile Central(server, user=username, 
                  password=<PASSWORD>, 
                  workspace=<WORKSPACE_NAME>, 
                  project=<PROJECT_NAME>, 
                  verify_ssl_cert=False)




This article uses showdefects.py example available in the examples directly, which comes with pyral installation.
The source of this example is available in the github repo, and also attached to this article.

Follow the steps below to establish that you can connect to your on-premises instance of Rally and get the expected data. The code queries defects by State: 'State != Closed'

1. Create config file that follows the format below.
Here is the content of a sample config file onprem.cfg. Use values valid in your environment:


SERVER = <YOUR_HOST_IP>
USER   = <User>@<Company.com>
PASSWORD = <PASSWORD>
WORKSPACE = <WORKSPACE>
PROJECT = <PROJECT>



2. Modify code in showdefects.py example to make sure that SSL certificate verification is disabled:


rally = CA Agile Central(server, user=username, password=password, workspace=workspace, project=project, verify_ssl_cert=False)



3. Run the file in the terminal following this syntax:

python filename --cfg=configname

The screenshot below reflects that the current directory is pyral-1.1.0, and the script is inside the examples directory pyral-1.1.0/examples, and the config file onprem.cfg is directly in the pyral-1.1.0 directory. It also reflects that the script was run successfully and two defects were returned:

As a comparison, if we did not explicitly disable certificate validation, the terminal output will look like this:

Attachments

1558955916139showdefects_onprem.zip get_app
Powered by Wolken Software