PyNetBox API 是否可以选择验证自签名证书的 CA 证书? [英] Does PyNetBox API have an option to verify CA cert for Self Signed Cert?

问题描述

我一直在尝试使用具有自签名证书的 NetBox 设置来使用 NetBox Ansible 模块.[1] 然而，这给了我错误:

未能建立与 Netbox API 的连接

我意识到这是因为我使用了自签名证书:

<预><代码>>>>导入pynetbox>>>nb = pynetbox.api(... 'https://netbox.url',...令牌='XXX'……)>>>nb.dcim.devices.all()<剪断>引发 SSLError(e, request=request)requests.exceptions.SSLError: HTTPSConnectionPool(host='netbox.url', port=443): Max retries exceeded with url:/api/dcim/devices/(由 SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate)验证失败:无法获得本地颁发者证书 (_ssl.c:1076)')))

我想知道是否有一种方法可以使用 pynetbox 指定 cacert 文件，就像我们使用 verify="/my/path/to/cacert.crt"><预><代码>>>>nb = pynetbox.api(... 'https://netbox.url',...令牌='XXX'，... private_key_file='/my/path/to/key',... ssl_verify='/my/path/to/cacert.crt'……)回溯(最近一次调用最后一次):文件<stdin>"，第 5 行，在 <module> 中.类型错误:__init__() 得到了一个意外的关键字参数ssl_verify"

[1] 使用 Netbox Ansible 模块

Python 版本:Python 3.7.7pynetbox 版本:'2.8'

解决方案

这在 他们 GitHub 存储库中的一个问题，他们声称可以将 REQUESTS_CA_BUNDLE 环境变量设置为指向 requests 应该用于验证端点 (这里是请求文档)

理论上:

导入pynetbox导入操作系统os.environ['REQUESTS_CA_BUNDLE'] = '/path/to/your/ca.pem'# 然后去比赛

I've been trying to play around with NetBox Ansible modules with a NetBox setup having self signed certificate. [1] That however gives me the error:

Failed to establish connection to Netbox API

I realised that this was due to me using Self signed certificate:

>>> import pynetbox
>>> nb = pynetbox.api(
... 'https://netbox.url',
... token='XXX'
... )
 
>>> nb.dcim.devices.all()
 
<snipped>
 
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='netbox.url', port=443): Max retries exceeded with url: /api/dcim/devices/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)')))

I was wondering if there is a way to specify cacert file with pynetbox, the same way we do with requests using verify="/my/path/to/cacert.crt"

>>> nb = pynetbox.api(
... 'https://netbox.url',
... token='XXX',
... private_key_file='/my/path/to/key',
... ssl_verify='/my/path/to/cacert.crt'
... )
Traceback (most recent call last):
  File "<stdin>", line 5, in <module>
TypeError: __init__() got an unexpected keyword argument 'ssl_verify'

[1] Using Netbox Ansible Modules

Python Version: Python 3.7.7 pynetbox version: '2.8'

解决方案

This was discussed in an issue in their GitHub repo where they allege one can set the REQUESTS_CA_BUNDLE environment variable to point to the CA bundle that requests should use for verifying the endpoint (here are the requests docs)

In theory:

import pynetbox
import os

os.environ['REQUESTS_CA_BUNDLE'] = '/path/to/your/ca.pem'
# and off to the races

这篇关于PyNetBox API 是否可以选择验证自签名证书的 CA 证书?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！