How to ignore ssl cert verification from zato apitest?


#1

I get ssl error because proper cert isn’t installed on my zato apitest instance.

curl has a -k switch that works as I need and I was wondering if I could do the same kind of thing with zato apitest or not?

Something like verify=False in request.get. I’ve tried some code in the environment setup but just couldn’t get anything to work.

eg.
-k, --insecure
(SSL) This option explicitly allows curl to perform “insecure”
SSL connections and transfers. All SSL connections are attempted
to be made secure by using the CA certificate bundle installed
by default. This makes all connections considered “insecure”
fail unless -k, --insecure is used.


#2

Hello @bigale,

can you please send the code that you are using? I’d like to confirm which steps these are.

Thanks.


#3

Hi @dsuch,
I actually figured out a work-around that works for me. Requests will skip verify if CURL_CA_BUNDLE is set to empty string. Ref: https://stackoverflow.com/questions/48391750/disable-python-requests-ssl-validation-for-an-imported-module

Change environment.py to:

def before_feature(context, feature):
    os.environ["CURL_CA_BUNDLE"] = ""