For a deeper look into our Elektron API, look into:

Overview |  Quickstart |  Documentation |  Downloads |  Tutorials |  Articles

question

Upvotes
Accepted
changyao.yeo avatar image
9 2 1 4

SSL: CERTIFICATE_VERIFY_FAILED for websocket API

Trying to access Real Time Optimized via Websocket API and ran into SSL: CERTIFICATE_VERIFY_FAILED.

Below is the console log / error log for the same.

/usr/local/bin/python3.9 /Users/XXXXX/PycharmProjects/Refiniiv-websocket-api/Applications/Examples/RDP/python/market_price_rdpgw_authentication.py
Sending authentication request with password to https://api.refinitiv.com:443/auth/oauth2/v1/token ...
Refinitiv Data Platform Authentication succeeded. RECEIVED:
{
"access_token":"eyJ0eXAiOi...Om65YA",
"expires_in":"600",
"refresh_token":"ced8c956-7527-46b7-bf35-6e1d4a4f1a16",
"scope":"trapi.streaming.pricing.read",
"token_type":"Bearer"
}
Connecting to WebSocket wss://us-east-1-aws-1-sm.optimized-pricing-api.refinitiv.net:443/WebSocket ...
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1123)
WebSocket Closed


Also ran the "market_price_rdpgw_service_discovery.py" : getting the same error across all end points

Please let me know on the next steps to resolve this issue.

#technologywebsocketsrrto
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

wasin.w avatar image   wasin.w

Hello @changyao.yeo

Thank you for your participation in the forum. Is the reply below satisfactory in resolving your query?


If so please can you click the 'Accept' text next to the appropriate reply? This will guide all community members who have a similar question.

Thanks,


AHS

aramyan.h avatar image   aramyan.h

Hi,

Please be informed that a reply has been verified as correct in answering the question, and marked as such.

Thanks,

AHS

3 Answers

· Write an Answer
Upvote
Accepted
Jirapongse avatar image
79.2k 251 52 74

@changyao.yeo

The certificate of that server is issued by Sectigo and it is a valid certificate.

1678442952243.png

However, this certificate may be intercepted by the client's proxy or firewall. Therefore, the client should contact the IT or network support team to verify the settings on a client's proxy or firewall server.


1678442952243.png (120.5 KiB)
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

changyao.yeo avatar image changyao.yeo
@Jirapongse @wasin.w Thank you!
Upvotes
Jirapongse avatar image
79.2k 251 52 74

@changyao.yeo

Thanks for reaching out to us.

If you run the application on the company's machine, the problem could be from Zscaler.

You may need to contact the Zscaler team to whitelist this server. Otherwise, you can try to disable the SSL check for the WebSocket connection.

I found the following solution on StackOverflow.

import ssl
... 

 wst = threading.Thread(target=self.web_socket_app.run_forever, kwargs={'sslopt': {'check_hostname': False,"cert_reqs": ssl.CERT_NONE}})

I am unable to test it because I can run the application properly on my machine.

I hope that this information is of help.


icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

changyao.yeo avatar image changyao.yeo

Thanks Jirapongse.

Apologies, this is on behalf of client so it's run on an external machine and the problem is likely not from Zscaler.


Besides disabling SSL check for the WebSocket connection, is there anything else client can try.

Upvotes
wasin.w avatar image
24.7k 54 17 14

Hello @changyao.yeo

You may update the Zscaler policy first by opening the Zscaler program --> clicking "More" --> then clicking the "Update policy" button as follows:

zscaler-pic.png

If the problem still persists, please contact the Zscaler team as suggested by my colleague.

In the meantime, you can use the workaround as suggested by @Jirapongse.


zscaler-pic.png (27.2 KiB)
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.