3 Replies Latest reply on Jul 21, 2016 7:48 AM by jmiddleton

    Enabling SSL Certificate Verification for the SDK

    jmiddleton

      So the hard coding of SSL Certificate Verification to False within orionsdk-python (and the associated run time warnings) was getting to me, so I did a GitHub Pull request (here) to enable passing down a value for verify. With this patch applied you can now do:

       

      import orionsdk
      swis = orionsdk.SwisClient("SolarWinds-Orion", "username", "password", verify="server.pem")
      swis.query("SELECT NodeID from Orion.Nodes")
      

       

      And have it reject invalid SSL Cert,

       

      However it turns out it's not that much use as the server (tested against NPM 12.0RC1) has a very long (until 2040) self-signed cert with a CN of SolarWinds-Orion. It looks very much like each poller in a Orion platform has same cert.

       

      So has anyone tried to secure Orion when using the SDK? There is a number of issues to over come above the inability to enable verification. And I'm thinking the response via support will be not possible/supported...?