Need Help - Meraki GET API - SSL Errors

Lalana
Getting noticed

Need Help - Meraki GET API - SSL Errors

Hi Team,

 

We are getting the following errors for the Meraki API endpoint GET calls. I am posting some of the sample calls here.

WARNING - organizations, getOrganization > https://api.meraki.com/api/v1/organizations/1413157 - Cannot connect to host api.meraki.com:443 ssl:default [Network is unreachable], retrying in 1 second
WARNING - organizations, getOrganization > https://api.meraki.com/api/v1/organizations/1413157 - Cannot connect to host api.meraki.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)')], retrying in 1 second
WARNING - organizations, getOrganization > https://api.meraki.com/api/v1/organizations/1413157 - Cannot connect to host api.meraki.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)')], retrying in 1 second

can anyone help to resolve this issue?

Thanks & Regards,
Lalana
13 Replies 13
KH
Meraki Employee
Meraki Employee

Hey @Lalana 

 

I am curious how/what method is used to run these calls. Meraki uses the API key for authentication and not any kind of certificate so it sounds like whatever application you are using is the problem. Can you run the same API call using Postman or in the browser?

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it
Lalana
Getting noticed

Hi KH,

 

From postman it works fine, we are using a python script which uses async api calls, pasting the code snippet here:

async def main_async(api_key, ORG_ID, operations, tag😞
    global DEVICES, NETWORKS, TEMPLATES
    async with meraki.aio.AsyncDashboardAPI(api_key, maximum_concurrent_requests=1, maximum_retries=4,
                                            print_console=True, suppress_logging=False) as dashboard:
        # Backup org
        await asyncio.gather(backup_org(dashboard, ORG_ID, operations), backup_devices(dashboard, ORG_ID, operations, DEVICES), backup_networks(dashboard, ORG_ID, operations, NETWORKS + TEMPLATES), backup_mr_ssids(dashboard, operations, ORG_ID, NETWORKS + TEMPLATES))
 
PhilipDAth
Kind of a big deal
Kind of a big deal

Have you got a proxy in your organisation or anything doing SSL inspection?

 

The "self signed" certificate is the suspicous bit.  You are talking to something - but it is not Meraki.

Lalana
Getting noticed

Hi Philip,

 

Thanks for the response. The issue got resolved after adding certificate_path 

 

async with meraki.aio.AsyncDashboardAPI(api_key, maximum_concurrent_requests=1, maximum_retries=4, print_console=True, suppress_logging=False, certificate_path='certificate/path'

It seems that the issue is related to this bug - aiohttp module -https://github.com/aio-libs/aiohttp/issues/955 

Thanks & Regards,
Lalana

PhilipDAth
Kind of a big deal
Kind of a big deal

Wow.  Good find.

Matq
Conversationalist

Hi @Lalana 

I have the same issue so I added as suggested in your post, but here is the error message:

"self._sslcontext.load_verify_locations(certificate_path)

FileNotFoundError: [Errno 2] No such file or directory"

Do you have an idea?

regards,

Lalana
Getting noticed

Hi Matq,

 

You can add the following to your script:

import certifi

 

cert_path = certifi.where()
 
Then add this cert_path while creating AsyncDashboardAPI object:
 
    async with meraki.aio.AsyncDashboardAPI(
        api_key,
        maximum_concurrent_requests=3,
        maximum_retries=10,
        print_console=True,
        suppress_logging=False,
        certificate_path=cert_path,   <<<<<< cert_path added here >>>
        requests_proxy=https_proxy_server
    ) as dashboard:
PhilipDAth
Kind of a big deal
Kind of a big deal

So demure.  So mindful.

 

I like it!

Lalana
Getting noticed

Thank you Philip

Matq
Conversationalist

HI,

thanks for your answer and help. Really appreciate it.

I have found the solution.

in application > Python 3.12, i need to execute the program: "install certificates.command"

Then the script will work.

regards,

Mathieu

Lalana
Getting noticed

Thanks Matq for sharing.

Lalana
Getting noticed

Thanks, Would like to Thank Gandhi Racharla and Niraj Gadhe  (from Cisco) for helping on this.

CarolineS
Community Manager
Community Manager

Hi! Moderator here. I’m just going to edit your post to remove the email addresses. Appreciate you sharing your words of thanks though!

Caroline S | Community Manager, Cisco Meraki
New to the community? Get started here
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.