Skip ssl verification for self-signed certificate using environment variable PHASE_VERIFY_SSL #163

@dodistyo

Based on this documentation, https://docs.phase.dev/cli/commands#phase-verify-ssl, we can skip SSL verification by setting the environment variable PHASE_VERIFY_SSL=False.
However, I've tried to set it as the documentation says and got an error like the one below:
```
/ # echo $PHASE_VERIFY_SSL
False
/ # phase secrets export --app "DevOps" --env production --path security/officer
Traceback (most recent call last):
File "urllib3/connectionpool.py", line 466, in _make_request
File "urllib3/connectionpool.py", line 1095, in validate_conn
File "urllib3/connection.py", line 652, in connect
File "urllib3/connection.py", line 805, in ssl_wrap_socket_and_match_hostname
File "urllib3/util/ssl_.py", line 465, in ssl_wrap_socket
File "urllib3/util/ssl_.py", line 509, in _ssl_wrap_socket_impl
File "ssl.py", line 517, in wrap_socket
File "ssl.py", line 1104, in _create
File "ssl.py", line 1382, in do_handshake
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1006)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "urllib3/connectionpool.py", line 789, in urlopen
File "urllib3/connectionpool.py", line 490, in _make_request
urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1006)

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
File "requests/adapters.py", line 564, in send
File "urllib3/connectionpool.py", line 843, in urlopen
File "urllib3/util/retry.py", line 519, in increment
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='', port=443): Max retries exceeded with url: /service/secrets/tokens/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1006)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "main.py", line 303, in main
File "cmd/secrets/export.py", line 54, in phase_secrets_env_export
File "utils/phase_io.py", line 187, in get
File "utils/phase_io.py", line 420, in decrypt
File "utils/network.py", line 167, in fetch_wrapped_key_share
File "requests/api.py", line 73, in get
File "requests/api.py", line 59, in request
File "requests/sessions.py", line 589, in request
File "requests/sessions.py", line 703, in send
File "requests/adapters.py", line 595, in send
requests.exceptions.SSLError: HTTPSConnectionPool(host='', port=443): Max retries exceeded with url: /service/secrets/tokens/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1006)')))
```
I think I have found the issue: it looks like the `verify` parameter is missing in the request code.
I've already created a PR for the fix.
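
The class of bug reported above (one `requests` call site that never receives the `verify` setting) can be caught with a static check. The following is an added example, not part of the original issue and not Phase CLI code: `calls_missing_verify` and the `SAMPLE` source are constructed for illustration, and the way `PHASE_VERIFY_SSL` is parsed in the sample is an assumption.

```python
import ast

HTTP_METHODS = {"get", "post", "put", "patch", "delete", "head", "options", "request"}


def calls_missing_verify(source, module_alias="requests"):
    """Return sorted (line, call) pairs for requests.<method>() calls without verify=."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        # Match only direct module calls such as requests.get(...).
        if not (isinstance(func, ast.Attribute) and func.attr in HTTP_METHODS
                and isinstance(func.value, ast.Name) and func.value.id == module_alias):
            continue
        has_verify = any(kw.arg == "verify" for kw in node.keywords)
        # kw.arg is None for **kwargs, which may carry verify; do not flag those.
        has_kwargs = any(kw.arg is None for kw in node.keywords)
        if not has_verify and not has_kwargs:
            findings.append((node.lineno, f"{module_alias}.{func.attr}"))
    return sorted(findings)


# Constructed sample source (hypothetical bodies, not the real utils/network.py).
# Only the function name fetch_wrapped_key_share comes from the traceback above.
SAMPLE = '''
import os
import requests

VERIFY_SSL = os.environ.get("PHASE_VERIFY_SSL", "True").lower() != "false"

def fetch_app_key(url, headers):
    return requests.get(url, headers=headers, verify=VERIFY_SSL)

def fetch_wrapped_key_share(url, headers):
    return requests.get(url, headers=headers)

def create_secret(url, headers, data):
    opts = {"verify": VERIFY_SSL}
    return requests.post(url, headers=headers, json=data, **opts)
'''

if __name__ == "__main__":
    for line, call in calls_missing_verify(SAMPLE):
        print(f"line {line}: {call}() has no verify= argument")
```

The check only sees calls made directly on the module name, so calls through a `requests.Session` object or an aliased import need the session or alias handled separately.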
