What the cert use on murano?


#1

Hi

I’m use openwrt python try to connect “https://m2.exosite.com/onep:v1/stack/alias

but I can’t get the right certificate to pass it.

I have mini-python & pycurl & polarssl but not for more space to install openssl .

Where can I get the right certificate to pass it?


#2

Hi @johnathan

Thanks for posting! When you try to make an encrypted request to the HTTP Data API, what error do you get?

Does your device and its stack not trust something in our chain?

-Martin


#3

Hi Martin,

I got the error below.

  pycurl.error: (51, 'Cert verify failed: BADCERT_NOT_TRUSTED')

I think is my openwrt don’t have correct root-ca. How can I get the right one?


#4

Currently the CA at the root of our trust chain is: https://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pem

I don’t know if we provide any guarantees about which CAs we will use in the future, but it looks like our current cert is valid for ~3 years, so you should be good for at least that long with that one.

By the way, here’s a helpful tool that you can use to lookup and download certs for any given domain: https://ssl-tools.net/webservers/m2.exosite.com


#5

Hi Patrick

Thanks you help. I used this https://www.geotrust.com/resources/root_certificates/certificates/GeoTrust_Global_CA.pem still same error pycurl.error: (51, ‘Cert verify failed: BADCERT_NOT_TRUSTED’).

So I try https in Ubuntu it all be good. Then I copy ssl/certs/ca-certificates.crt from Ubuntu to my openwrt device use that it solved my problem. I don’t know how. But it’s work for me.

Appreciate your reply.