Does SSL Certificate for Tick History has impact on Authentication as well
Secure Sockets Layer (SSL) certificate used to secure the DataScope Select and Tick History web site and API endpoints accessed via the Internet and private network connections (DDN/FCN).
When client certificate expired; they did not received any error for Authentication Token Request. However While extracting the data they received the error.
Does authentication work without SSL certificate renewal or is this something to do about AWS direct download.
requestUrl = "https://selectapi.datascope.refinitiv.com/RestApi/v1/Authentication/RequestToken"
requestHeaders={
"Prefer":"respond-async",
"Content-Type":"application/json"
}
requestBody={
"Credentials": {
"Username": USERNAME,
"Password": PASSWORD
}
}
authenticationResp = requests.post(requestUrl, json=requestBody,headers=requestHeaders)
print("Received the response for authentication request")
DownloadFromAWS=True
requestUrl="https://selectapi.datascope.refinitiv.com/RestApi/v1/Extractions/RawExtractionResults" + "('" + jobId + "')" + "/$value"
requestHeaders={
"Prefer":"respond-async",
"Content-Type":"text/plain",
"Accept-Encoding":"gzip",
"Authorization": "token " + token
}
if DownloadFromAWS==True:
requestHeaders.update({"X-Direct-Download":"true"})
dataRetrieveResp=requests.get(requestUrl,headers=requestHeaders,stream=True)
print("Received the response for retreiving data using the jobId")
SSLCertVerificationError Traceback (most recent call last)
File d:\Research\Regime\.venv\lib\site-packages\urllib3\connectionpool.py:700, in HTTPConnectionPool.urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, body_pos, **response_kw)
699 if is_new_proxy_conn and http_tunnel_required:
--> 700 self._prepare_proxy(conn)
702 # Make the request on the httplib connection object.
Best Answer
-
As pointed earlier, either there is a problem with your network stack - i.e. firewall re-signing the traffic, or your python instance might be old and certificates no longer supported. To verify the network issue, use-
verify=False
as a parameter in your requests GET/POST call. Important - this is a temporary test and should not be used in a production application due to the security risk.
If it does indeed turn out to be the certificate error, then please update your python instance to a latest version - maybe reinstall Python 3 with newer packages. Also see this discussion about the certificate errors.
1
Answers
-
Hi @Vinod A,
Its not clear what you are describing.
Tick History endpoint is signed by Comodo Certificate Authority which is one of the build in CA within Python's trust store. There should be no need for any additional client certificates, and the Python requests module can connect and get data from DSS/TickHistory without any issues.
If your application is connecting through a secure network proxy, which is re-signing the network traffic, and if that certificate has changed or expired -- you will have to update it in your application accordingly.
0 -
Following is the error when try to download data from AWS. it seems host is amazonaws.com domain, somehow DSS server points amazonaws host then somehow certification information to the aws server.
However, we consider that for some reason that part is not done correctly, resulting in a certification error for aws. please let us know the mechanism of how certification information is transmitted from DSS to AWS host.
SSLError: HTTPSConnectionPool(host='a205143-use1-prod-results-custom.s3.amazonaws.com', port=443): Max retries exceeded with url: /85B662A7AB7F4420AC16E45CCA79D819/data/merged/merged-Data.csv.gz?AWSAccessKeyId=AKIAJNJ6M4OJR7K3TWNA&Expires=1705056160&response-content-disposition=attachment%3B%20filename%3D_OnD_0x08c6d809ed09734d.csv.gz&Signature=o1VNzwmqzknzYIckmZbX83Qa8ag%3D (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1123)')))
0 -
When setting the X-Direct-Download to True, the server will return the 303 Found to the application.
Then, the application will redirect to the new URL (AWS) in the Location header.
According to the error, the AWS URL may be blocked by Firewall or network security Software.
0 -
Thanks a lot.
0
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛