Ignore self-signed SSL certificate errors
Now works smoothly with the default configuration of locally installed Deep Security Managers
SSL Certification Validation
By default, the suds and requests libraries attempt to validate SSL certificates. Unfortunately, the default install of Deep Security via software and via the AWS Marketplace uses a self-signed certificate. This was causing an SSL: CERTIFICATE_VERIFY_FAILED
error for both the SOAP and REST API calls.
This release resolves that issue by offering the user that ability to create a deepsecurity.manager.Manager()
object that ignores SSL certificate validation
Recommendation
It's highly recommended that you use a valid SSL certificate. This adds an additional layer of assurance to your deployment on top of restricting the address space that can access your Deep Security Manager.
Usage
In order to ignore SSL certification validation, create the deepsecurity.manager.Manager()
as follows;
import deepsecurity
mgr = deepsecurity.manager.Manager(username=user, password=pass, dsm_hostname=dsm, dsm_port=4119, ignore_ssl_validation=True)