`SSL: CERTIFICATE_VERIFY_FAILED` error for an app

If you see a CERTIFICATE_VERIFY_FAILED error for an app, you can set the verify option in the app.config file to configure the default SSL verification for the app.

Symptoms

You see a CERTIFICATE_VERIFY_FAILED error for an app.

Diagnosing the problem

You see an error similar to the following:

------------------------ Running selftest for: 'fn-cisco-wsa' ------------------------ fn-cisco-wsa: 
Checking Cisco WSA connectivity and credentials...! HTTPSConnectionPool(host='10.10.10.10', port=6443): Max retries exceeded with url: 
/wsa/api/v3.0/generic_resources/auth_settings (Caused by SSLError(SSLCertVerificationError(1, '[SSL: 
CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1129)'))) 
IntegrationError("HTTPSConnectionPool(host='10.10.10.10', port=443): Max retries exceeded with url: 
/wsa/api/v3.0/generic_resources/auth_settings (Caused by SSLError(SSLCertVerificationError(1, '[SSL: 
CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1129)')))") selftest: failure 
selftest output: {'state': 'failure', 'reason': 'IntegrationError("HTTPSConnectionPool(host=\'10.10.10.10\', port=443): 
Max retries exceeded with url: /wsa/api/v3.0/generic_resources/auth_settings (Caused by 
SSLError(SSLCertVerificationError(1, \'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed 
certificate (_ssl.c:1129)\')))")'} Elapsed time: 0.022000 seconds ERROR: running selftest for App. Error Code: 1

Resolving the problem

Set the verify option in the app's app.config file to configure the default SSL verification for the app. For more information, see Advanced configuration settings.

SSL: CERTIFICATE_VERIFY_FAILED error for an app

Symptoms

Diagnosing the problem

Resolving the problem

`SSL: CERTIFICATE_VERIFY_FAILED` error for an app