SSL with self-signed certificates

[ebcFlagman]

We have the problem, that we have in our company self-signed certificates for our PlantUML-Server. In this case the plugin doesn't work as expected and doesn't respect the windows truststore from python-certifi-win32 package

[christo-ph]

Hi. I've never tested with self-signed SSL afaik. I'll see if I can ignore them.

[christo-ph]

Could you please post the error/exception?

[ebcFlagman]

$ python -m mkdocs build
INFO     -  Cleaning site directory
INFO     -  Building documentation to directory: C:\Git\git_software\test\sca3_source\mcu\application\remote_api\documentation\site
ERROR    -  Error reading page 'index.md': HTTPSConnectionPool(host='se-msag-vcs01.msag.ch', port=443): Max retries exceeded with url: /plantuml/png/2qhDpIz9TGpmLD1LY7REJqjBJVLDJCx8p4kDvOfsBYqkoSzrpiyjA2r9BOfLqBDJ28Ahjr8eBKxb0W0= (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))
Traceback (most recent call last):
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\urllib3\connectionpool.py", line 703, in urlopen
    httplib_response = self._make_request(
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\urllib3\connectionpool.py", line 386, in _make_request
    self._validate_conn(conn)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\urllib3\connectionpool.py", line 1040, in _validate_conn
    conn.connect()
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\urllib3\connection.py", line 414, in connect
    self.sock = ssl_wrap_socket(
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\urllib3\util\ssl_.py", line 449, in ssl_wrap_socket
    ssl_sock = _ssl_wrap_socket_impl(
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\urllib3\util\ssl_.py", line 493, in _ssl_wrap_socket_impl
    return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
  File "C:\Program Files\Python38\lib\ssl.py", line 500, in wrap_socket
    return self.sslsocket_class._create(
  File "C:\Program Files\Python38\lib\ssl.py", line 1040, in _create
    self.do_handshake()
  File "C:\Program Files\Python38\lib\ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\requests\adapters.py", line 440, in send
    resp = conn.urlopen(
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\urllib3\connectionpool.py", line 785, in urlopen
    retries = retries.increment(
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\urllib3\util\retry.py", line 592, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='se-msag-vcs01.msag.ch', port=443): Max retries exceeded with url: /plantuml/png/2qhDpIz9TGpmLD1LY7REJqjBJVLDJCx8p4kDvOfsBYqkoSzrpiyjA2r9BOfLqBDJ28Ahjr8eBKxb0W0= (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Program Files\Python38\lib\runpy.py", line 194, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "C:\Program Files\Python38\lib\runpy.py", line 87, in _run_code
    exec(code, run_globals)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\mkdocs\__main__.py", line 221, in <module>
    cli()
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\click\core.py", line 1128, in __call__
    return self.main(*args, **kwargs)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\click\core.py", line 1053, in main
    rv = self.invoke(ctx)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\click\core.py", line 1659, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\click\core.py", line 1395, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\click\core.py", line 754, in invoke
    return __callback(*args, **kwargs)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\mkdocs\__main__.py", line 187, in build_command
    build.build(config.load_config(**kwargs), dirty=not clean)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\mkdocs\commands\build.py", line 292, in build
    _populate_page(file.page, config, files, dirty)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\mkdocs\commands\build.py", line 174, in _populate_page
    page.render(config, files)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\mkdocs\structure\pages.py", line 174, in render
    self.content = md.convert(self.markdown)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\markdown\core.py", line 261, in convert
    self.lines = prep.run(self.lines)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\plantuml_markdown.py", line 126, in run
    text1, idx1 = self._replace_block(text[idx:])
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\plantuml_markdown.py", line 184, in _replace_block
    diagram = self._render_diagram(code, requested_format)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\plantuml_markdown.py", line 269, in _render_diagram
    diagram = self._render_remote_uml_image(code, requested_format)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\plantuml_markdown.py", line 320, in _render_remote_uml_image
    with requests.get(image_url) as r:
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\requests\api.py", line 75, in get
    return request('get', url, params=params, **kwargs)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\requests\api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\requests\sessions.py", line 529, in request
    resp = self.send(prep, **send_kwargs)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\requests\sessions.py", line 645, in send
    r = adapter.send(request, **kwargs)
  File "C:\Users\pascal.bernhard\AppData\Roaming\Python\Python38\site-packages\requests\adapters.py", line 517, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='se-msag-vcs01.msag.ch', port=443): Max retries exceeded with url: /plantuml/png/2qhDpIz9TGpmLD1LY7REJqjBJVLDJCx8p4kDvOfsBYqkoSzrpiyjA2r9BOfLqBDJ28Ahjr8eBKxb0W0= (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)')))

[christo-ph]

Just uploaded 1.7 with a new parameter disable_ssl_certificate_validation

Could you please try with setting this to true and have a look if this works?

[christo-ph]

I will close this ticket. Feel free to give some feedback.