Hello I have just tried using this code but still getting error. Any idea how to solve this?
I have referred similar post also but it is not working.
import hvac
client = hvac.Client(url='https://vault.xyz.com:1100/ui')
response = client.secrets.kv.v2.read_secret_version(path='/secrets/secret/show/ab/ss/dd')
Error-
raise_for_error raise exceptions.Forbidden(message, errors=errors, method=method, url=url) hvac.exceptions.Forbidden: 1 error occurred: * permission denied
Related
I am trying to execute a REST get call using 'requests' library, and i am using python 3.10 on ubuntu
But I get the exception:
requests.exceptions.ProxyError: HTTPSConnectionPool(host='XXX', port=443): Max retries exceeded with url: XXX (Caused by ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 503 Service Unavailable')))
I set environment variables in persistence file .bashrc :
enter image description here and I added HTTP_PROXY variable too.
I tried sending proxies variable in the request but I get the same exception
enter image description here
In the requests library documentation I coun't find any information about this exception.
This worked for me
requests.packages.urllib3.disable_warnings()
requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS += ':HIGH:!DH:!aNULL'
try:
requests.packages.urllib3.contrib.pyopenssl.util.ssl_.DEFAULT_CIPHERS += ':HIGH:!DH:!aNULL'
except AttributeError:
# no pyopenssl support used / needed / available
pass
Then call: r = requests.get(url, headers=headers, timeout=3, verify=False)
I have this easy code to connect to download some data using GRPC
creds = grpc.ssl_channel_credentials()
channel = grpc.secure_channel(f'{HOST}:{PORT}', credentials=creds)
stub = liveops_pb2_grpc.LiveOpsStub(channel=channel)
request = project_pb2.ListProjectsRequest(organization=ORGANIZATION)
projects = stub.ListProjects(request=request)
print(projects)
This worked fine on wednesday. It runs in a docker container with Python 3.8.10 and protobuf==3.18.0,grpcio==1.40.0, grpcio-tools==1.40.0.
Today I updated MAC OS Big Sur to 11.6 and after finishing some extra features on the code I see that it returns:
E0930 21:12:04.108551900 1 ssl_transport_security.cc:1468] Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
E0930 21:12:04.194319000 1 ssl_transport_security.cc:1468] Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
E0930 21:12:04.286163700 1 ssl_transport_security.cc:1468] Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
Traceback (most recent call last):
File "", line 302, in <module>
projects = liveops_stub.ListProjects(request=request)
File "/home/airflow/.local/lib/python3.8/site-packages/grpc/_channel.py", line 946, in __call__
return _end_unary_response_blocking(state, call, False, None)
File "/home/airflow/.local/lib/python3.8/site-packages/grpc/_channel.py", line 849, in _end_unary_response_blocking
raise _InactiveRpcError(state)
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
status = StatusCode.UNAVAILABLE
details = "failed to connect to all addresses"
debug_error_string = "{"created":"#1633036324.286560700","description":"Failed to pick subchannel","file":"src/core/ext/filters/client_channel/client_channel.cc","file_line":3186,"referenced_errors":[{"created":"#1633036324.286548700","description":"failed to connect to all addresses","file":"src/core/lib/transport/error_utils.cc","file_line":146,"grpc_status":14}]}"
>
Seems to be something related to SSL Certificates.
If I check /etc/ssl/certs folder it is empty, so could be that SSL SO certificate has been erased?
How can I fix it?
Let's Encrypt cross-signed DST Root CA X3 expired yesterday, it caused some SSL problems on some clients. I managed to fix it by manually changing the intermediate chain to use the new Root X1 instead.
On the server, run:
sudo certbot certonly --nginx -d <ADDRESS> --preferred-chain "ISRG Root X1"
If you are not running nginx you might need to replace it with your server, and make sure to restart it.
As Firas Al Mannaa said Let's Encrypt cross-signed DST Root CA X3 expired yesterday, it caused some SSL problems on some clients.
I added a new function to get a certificate from ca-bundle:
def get_ssl_certificate():
request_response = req.get('https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt')
certificate_content = request_response.text
certificate_as_bytes = str.encode(certificate_content)
return certificate_as_bytes
And then I used this certificate
creds = grpc.ssl_channel_credentials(root_certificates=certificate_as_bytes)
I'm trying to do a FTPS (or FTP) connection to a FTP server. This is done on Python 3.8.5 32 bit via Visual Studio Code.
Here is the code:
import ftplib
session = ftplib.FTP_TLS('server address')
#session.connect ('server address', 991)
session.login(user='username',passwd='password')
#session.prot_p()
session.set_pasv(True)
session.cwd("files")
print(session.pwd())
filename = "ftpTest.txt"
my_file = open('filepath\\ftpTest.txt', 'wb') # Open a local file to store the downloaded file
session.retrbinary('RETR ' + filename, my_file.write, 1024)
session.quit()
I am able to get the session.pwd (which display /files) but the connection timeout at line 11 (session.retrbinary) in approximately 22 sec with the following error:
Exception has occurred: TimeoutError
[WinError 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond
I had tried setting session.set_pasv to both True and False following Python ftplib timing out. Setting it True raised the TimeoutError and setting it False raise the following error at line 11:
Exception has occurred: error_perm
500 Illegal PORT command
and also tried setting a different port (991) following Python SSL FTP connection timing out and it raised the Timeout Error at line 3.
Using FTP without TLS raised the following error at line 4 (session.login):
Exception has occurred: error_perm
530 Non-anonymous sessions must use encryption.
Turning off my McAfee LiveSafe firewall didnt help either.
Btw file transfer works with Filezilla, was able to freely transfer.
Setting up the secure data connection and changing the session af to INET6 seemed to work for me. This was suggested to me by a colleague, and as to why it works is beyond me. If anyone can provide a proper explanation, please do.
Code:
session.login(user='username',passwd='password')
session.prot_p()
session.af = socket.AF_INET6
Python 3.6.4 (32 bit x86) using slackclient locally connects to the RTM API and is able to listen in on slack channel changes. That same code running in Azure (64 bit AMD) does not work.
I've made sure that the Azure python install is as close to my local machine as possible. There are a few package discrepancies (see below) though this should not be the issue since these are not being used:
Azure vs. Local Machine
* numpy 1.15.3 vs. numpy 1.16.0
* pyodbc 4.0.24 vs. pyodbc 4.0.25
* pytz 2018.7 vs. pytz 2018.9
* setuptools 38.5.2 vs. setuptools 28.8.0
I've looked at the following links though I am not sure they will help. Some of the instructions for setting up a proxy in Azure are no longer valid (off by several steps). Recently Azure stopped serving a web app of mine (C#/ASP) when I changed the (totally unrelated Python) setting below.
Application settings->General settings->Python version (from Off to 3.4)
It was a real pain to get it back. I think that I will need a proxy though I would imagine Azure should provide better instructions for this. I am somewhat of an Azure newb though not new enough to start changing things willy nilly!
make Python 3.x Slack (slackclient) use a corporate proxy
Custom Slack Bot cannot connect
https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy-configure-connectors-with-proxy-servers
https://learn.microsoft.com/en-us/azure/azure-functions/functions-proxies
import time, logging, os
from slackclient import SlackClient
from datetime import datetime
def main():
#proxies = dict(https="proxy.azure.com:443", http="proxy.azure.com:443")
sc = SlackClient(BOT_TOKEN)
CHANNEL_ID = "some channel id"
logger.debug("Listening to channel '{0}' with id '{1}' for the following actions: ".format(CHANNEL_NAME, CHANNEL_ID))
if sc.rtm_connect():
logger.debug("Connected to Slack!")
while True:
# Read latest messages
# If activity is in CHANNEL_ID do something
else:
logger.debug("Couldn't connect to slack")
On my local machine I get the following (I cut out some of the code):
DEBUG - Listening to channel 'news' with id 'CFDQ3BXYZ' for the following actions:
DEBUG - message_replied
DEBUG - message_deleted
DEBUG - message_changed
DEBUG - Connected to Slack!
However, in Azure, I get the following:
DEBUG - Listening to channel 'news' with id 'CFDQ3BXYZ' for the following actions:
DEBUG - message_replied
DEBUG - message_deleted
DEBUG - message_changed
DEBUG - Couldn't connect to Slack!
The Azure error message is as follows:
01-14-2019 23:17:26, urllib3.connectionpool, DEBUG, Starting new HTTPS connection (1): slack.com:443
01-14-2019 23:17:26, urllib3.connectionpool, DEBUG, https://slack.com:443 "POST /api/rtm.start HTTP/1.1" 200 18349
01-14-2019 23:17:26, slackclient.client, WARNING, Failed RTM connect
Traceback (most recent call last):
File "D:\home\python364x64\lib\site-packages\slackclient\server.py", line 192, in connect_slack_websocket
http_proxy_auth=proxy_auth,
File "D:\home\python364x64\lib\site-packages\websocket\_core.py", line 511, in create_connection
websock.connect(url, **options)
File "D:\home\python364x64\lib\site-packages\websocket\_core.py", line 220, in connect
options.pop('socket', None))
File "D:\home\python364x64\lib\site-packages\websocket\_http.py", line 120, in connect
sock = _open_socket(addrinfo_list, options.sockopt, options.timeout)
File "D:\home\python364x64\lib\site-packages\websocket\_http.py", line 164, in _open_socket
sock.setsockopt(*opts)
OSError: [WinError 10042] An unknown, invalid, or unsupported option or level was specified in a getsockopt or setsockopt call
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\home\python364x64\lib\site-packages\slackclient\client.py", line 140, in rtm_connect
self.server.rtm_connect(use_rtm_start=with_team_state, **kwargs)
File "D:\home\python364x64\lib\site-packages\slackclient\server.py", line 159, in rtm_connect
self.connect_slack_websocket(self.ws_url)
File "D:\home\python364x64\lib\site-packages\slackclient\server.py", line 200, in connect_slack_websocket
raise SlackConnectionError(message=str(e))
slackclient.server.SlackConnectionError: [WinError 10042] An unknown, invalid, or unsupported option or level was specified in a getsockopt or setsockopt call
01-14-2019 23:17:26, Slack_bot_listener, DEBUG, Couldn't connect to slack
Any help will be greatly appreciated!
It appears that WebJobs are restricted to port 80 only. So there is no way to open up ports, etc. on Azure WebJobs at least at this time (see article/post below). So it appears that a VM or some other route is the way to proceed.
Can I open ports on Azure Websites?
I am trying to use PhantomJS on an Openshift Server (Linux) using Python and Selenium.
The Error that I get using no exceptions is:
PermissionError: [Errno 13] Permission denied: 'ghostdriver.log'
This is the code:
try:
browser = webdriver.PhantomJS()
except AttributeError:
error = "Attribute Error"
except PermissionError:
error= "Permission Error"
The solution to this is probalby turning of logging
I tried this by changing this line:
browser = webdriver.PhantomJS()
To:
browser = webdriver.PhantomJS(service_log_path=os.path.devnull)
But now I get the AttributeError
What is a possible solution for this problem?