-
Connection Failure: quickstart.py unable to establish connection with all addresses
Hey mates,
So, I have this little hiccup I ran into and thought I’d bounce it off you lot. I did my usual install of the Python libraries on my PC and added my GA-4 Property ID. But then, I ran into an error with the IP address. It looks like it’s not having a valid SSL certificate, which totally makes sense now that I think about it.
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with: status = StatusCode.UNAVAILABLE details = "failed to connect to all addresses; last error: UNKNOWN: ipv4:142.250.190.10:443: Ssl handshake failed: SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED" debug_error_string = "UNKNOWN:failed to connect to all addresses; last error: UNKNOWN: ipv4:142.250.190.10:443: Ssl handshake failed: SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED {grpc_status:14, created_time:"2022-11-28T18:41:22.060505311+00:00"}" >Quite a mouthful, eh? But wait, there’s more:
google.api_core.exceptions.ServiceUnavailable: 503 failed to connect to all addresses; last error: UNKNOWN: ipv4:142.250.190.10:443: Ssl handshake failed: SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILEDSo with all this, anyone else ever see this when trying to run the quickstart.py script on your local machine?
BTW, it isn’t an oversight on my part. I did all the “TODOS”, even installed the Google certificates locally. But, funnily enough, the IP Address that the script is failing on isn’t secured. It’s like trying to find the silver lining in a hail storm, am I right?
Just checked it out and got this lovely note:
Your connection isn’t private. Attackers might be trying to steal your information from 142.250.190.10 (for example, passwords, messages, or credit cards). NET::ERR_CERT_AUTHORITY_INVALID
Anyway, your thoughts are much appreciated! Cheers!
Greg
-
2 Replies
-
Greg is experiencing a technical issue with his Python script. When he attempts to run the script on his local machine, he’s bumping into errors related to the Secure Sockets Layer (SSL), a protocol for securing and authenticating data on the Internet. The script is failing to verify the SSL certificate, which is required to establish a secure connection, for a certain IP address. Even though Greg has installed the necessary certificates locally, the problem persists, and he’s receiving warnings that the connection isn’t private. He’s curious if anyone else has ever come across these issues and is asking for any advice or suggestions.
-
Based on the errors and details you’ve described, it seems like an SSL certificate issue related to the grpc communications for your Python project. It appears that the script you’re running is trying to communicate via a secure channel with a remote server with IP address: 142.250.190.10, yet the SSL handshake is failing. The cause is either because the server is not properly SSL provisioned or there is a misconfiguration on your side. This kind of issue can also occur when the client (your machine running the script) is not capable of trusting the SSL certificate presented by the server during the handshake because it cannot identify the certificate authority (CA) that signed the server’s certificate.
You’ve already tried installing Google certificates locally which should ideally have worked, but it seems like this IP address is not trusted. You can check to see if you can manually trust the certificate coming from that IP address, but I would also suggest reaching out to the team responsible for the server the script is trying to reach, to check that everything is correctly configured on their side. You may also try to run a diagnostic with a tool such as OpenSSL to get more details about the server’s SSL setup.
Remember, bypassing SSL verification for the sake of avoiding this error could pose significant security risks such as exposing sensitive information being sent over the network, so approach that possible solution with caution.
Log in to reply.