SSL support #9112

lhg2 · 2021-12-11T12:41:21Z

lhg2
Dec 11, 2021

My dockerized site is running behind HTTPS, so the metaImport is failing on SSL cert validation.

requests.exceptions.SSLError: HTTPSConnectionPool(host='cbioportal.pm.jh.edu', port=443): Max retries exceeded with url: /api/info (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)')))

Using localhost:8080 generates this error-

requests.exceptions.ConnectionError: HTTPConnectionPool(host='localhost', port=8080): Max retries exceeded with url: /api/info (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fa9e54d5cd0>: Failed to establish a new connection: [Errno 111] Connection refused'))

I know I can bypass the API using the (-p) but is there any code updates to allow for a cert to be used when issuing the "-u https://cbioportal:443"

pvannierop · 2021-12-13T08:19:06Z

pvannierop
Dec 13, 2021
Collaborator

Hello @lhg2, at present all the database provisioning python scripts are designed to be executed on the host machine directly. As such, the SSL protocol is not needed. There are initiatives in the community that will allow for non-root access study loading, but these are (afaik) preliminary and will take for time to be released.

0 replies

lhg2 · 2021-12-13T15:35:16Z

lhg2
Dec 13, 2021
Author

Do you have a suggestion on how to import then so we do not get the cert error when using the (-u URL) option to talk to the API? From: Pim van Nierop ***@***.***> Date: Monday, December 13, 2021 at 3:19 AM To: cBioPortal/cbioportal ***@***.***> Cc: Lloyd Gill ***@***.***>, Mention ***@***.***> Subject: Re: [cBioPortal/cbioportal] SSL support (Discussion #9112) External Email - Use Caution Hello @lhg2<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Flhg2&data=04%7C01%7Clhg%40jhmi.edu%7C47b44ef7574c46873fd608d9be114264%7C9fa4f438b1e6473b803f86f8aedf0dec%7C0%7C0%7C637749803613500851%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=5lKr%2BBnis6JO6JMHiviv5FjlIJPzgz7exDkwneyuaW8%3D&reserved=0>, at present all the python database provisioning scripts are designed to be executed on the host machine directly. As such, the SSL protocol is not needed. There are initiatives in the community that will allow for non-root access study loading, but these are (afaik) preliminary and will take for time to be released. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FcBioPortal%2Fcbioportal%2Fdiscussions%2F9112%23discussioncomment-1796488&data=04%7C01%7Clhg%40jhmi.edu%7C47b44ef7574c46873fd608d9be114264%7C9fa4f438b1e6473b803f86f8aedf0dec%7C0%7C0%7C637749803613500851%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=ss0rKvPS2N3MQjCKS%2FTNr2xt6e6eM8sHRRPvsUfJkVQ%3D&reserved=0>, or unsubscribe<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAFMAINQJAEDC4MXXLVE3SXDUQWUALANCNFSM5J27D2NA&data=04%7C01%7Clhg%40jhmi.edu%7C47b44ef7574c46873fd608d9be114264%7C9fa4f438b1e6473b803f86f8aedf0dec%7C0%7C0%7C637749803613500851%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=EWql%2Fa0pW6BL2Xdcxg2gMs7t9ujfSP3Hu%2FuoFmpsgQs%3D&reserved=0>. Triage notifications on the go with GitHub Mobile for iOS<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapps.apple.com%2Fapp%2Fapple-store%2Fid1477376905%3Fct%3Dnotification-email%26mt%3D8%26pt%3D524675&data=04%7C01%7Clhg%40jhmi.edu%7C47b44ef7574c46873fd608d9be114264%7C9fa4f438b1e6473b803f86f8aedf0dec%7C0%7C0%7C637749803613500851%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=Y0VdGwErF%2FDdbDqkmosmYNyXA8unWLJxTKPT1m%2FrBvc%3D&reserved=0> or Android<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.github.android%26referrer%3Dutm_campaign%253Dnotification-email%2526utm_medium%253Demail%2526utm_source%253Dgithub&data=04%7C01%7Clhg%40jhmi.edu%7C47b44ef7574c46873fd608d9be114264%7C9fa4f438b1e6473b803f86f8aedf0dec%7C0%7C0%7C637749803613500851%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=Hjmh2oUxV5btXNae4pPpaGQfmR11WpHxT7Nf1hRc82s%3D&reserved=0>.

1 reply

pvannierop Dec 14, 2021
Collaborator

@lhg2 I am sorry, but I do not have a suggestion here.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SSL support #9112

{{title}}

Replies: 2 comments 1 reply

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

Select a reply

SSL support #9112

lhg2 Dec 11, 2021

Replies: 2 comments · 1 reply

pvannierop Dec 13, 2021 Collaborator

lhg2 Dec 13, 2021 Author

pvannierop Dec 14, 2021 Collaborator

lhg2
Dec 11, 2021

Replies: 2 comments 1 reply

pvannierop
Dec 13, 2021
Collaborator

lhg2
Dec 13, 2021
Author

pvannierop Dec 14, 2021
Collaborator