Adding Self-Signed Certificates to Ubuntu Trust Store

I’ve been testing AXL calls using Python, and encountered the following error:

 

Traceback (most recent call last):
 File "./axl_test.py", line 14, in <module>
 result = client.service.listPhone({'name':'SEP%'},{'name':'','model':''})
 File "/usr/lib/python2.7/dist-packages/suds/client.py", line 566, in __call__
 return client.invoke(args, kwargs)
 File "/usr/lib/python2.7/dist-packages/suds/client.py", line 705, in invoke
 result = self.send(soapenv)
 File "/usr/lib/python2.7/dist-packages/suds/client.py", line 747, in send
 reply = self.options.transport.send(request)
 File "/usr/lib/python2.7/dist-packages/suds/transport/https.py", line 66, in send
 return HttpTransport.send(self, request)
 File "/usr/lib/python2.7/dist-packages/suds/transport/http.py", line 80, in send
 fp = self.u2open(u2request)
 File "/usr/lib/python2.7/dist-packages/suds/transport/http.py", line 127, in u2open
 return url.open(u2request, timeout=tm)
 File "/usr/lib/python2.7/urllib2.py", line 429, in open
 response = self._open(req, data)
 File "/usr/lib/python2.7/urllib2.py", line 447, in _open
 '_open', req)
 File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
 result = func(*args)
 File "/usr/lib/python2.7/urllib2.py", line 1241, in https_open
 context=self._context)
 File "/usr/lib/python2.7/urllib2.py", line 1198, in do_open
 raise URLError(err)
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)>

 

This is an easy one, as I’m connecting from my Ubuntu machine to CUCM that’s has a self-signed certificate.  I need to add this to my Ubuntu trust store.

 

Steps to resolve are:

 

  1. Install mycertifcate.pem to local machine

  2. cp to /usr/local/share/ca-certificates

  3. Rename certificate to mycertificate.crt

  4. sudo update-ca-certificates

 

jonathan@mymachine:/usr/local/share/ca-certificates$ sudo update-ca-certificates
Updating certificates in /etc/ssl/certs…
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d…

Adding debian:mycertifcate.pem
done.
done.

 

The certificate will now be concatenated to /etc/ssl/certs/ca-certificates.crt and will be trusted as required.

Advertisements
Tagged , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Collaboration Engineer

All things Technology - Posts to save for when you need them

Gerry Keleghan's Blog

A Blog about Cisco Unified Communications

ccieme

my personal journey to ccie collaboration

Striving for greatness

Thoughts on emerging tech, open source, and life

Network Experts Blog

“Knowledge comes by eyes always open and working hands.”

SIP Adventures

A unified communications blog by Andrew Prokop

The Cloverhound Blog

Cloverhound Employees Talk Unified Communications and Contact Center

Warcop

Fog navigator. Get out of the clouds. Down to earth solutions. @Warcop

Cisco Collab Engineering Tips

Michael White - CCIE #26626

Darkroomstory

Photography by Manos,

afterthenumber

Thoughts and experiences of a Cisco Collaboration engineer after clearing the CCIE lab...

The Daily Post

The Art and Craft of Blogging

The WordPress.com Blog

The latest news on WordPress.com and the WordPress community.

%d bloggers like this: