0

Trying to make a post request and I'm receiving a 403 Response with the message saying "No Client Certificate present in Http Request". I tried making the request with verify=False but I still run into the same issue.

This is the get request I'm making

r = requests.post('https://www.ezcardinfo.com/api/Login/ValidateUsername', params={'userName': my_user_name, 'devicePrint': devicePrint}, headers=header)

Now, I don't know where to get the client certificate or how to get one in general. I have pyopenssl and certifi and found the path for my request_ca_bundle by entering

certifi.where()

When I set verify='path/to/request_ca_bundle' I still get the 403 error.

logan_b
  • 43
  • 1
  • 6

1 Answers1

1

... No Client Certificate present in Http Request

This means that the server requires the client to authenticate itself with a certificate. In that mutual authentication not only the server presents a certificate to the client which is then validated by the client, but the client is also required to present its own certificate to the server.

Client certificates are not often used. If they are used it is typically required that you get a certificate from a specific CA or that the certificate you generate some certificate and associate it with your account. The details depend on the actual site and you have to look at their documentation or contact them for details.

I tried making the request with verify=False ...

This only disables validation of the servers certificate and thus has no effect on client certificate related problems.

When I set verify='path/to/request_ca_bundle' I still get the 403 error.

This only sets the trusted CA needed to validate the server certificate and thus has no effect on client certificate related problems.

Note that you get the same error also when accessing the specific URL with your browser. If you don't get this error with the browser you might have necessary certificate installed there. In this case you need to export both certificate and key and then you can use it within the cert parameter, see Client Side Certificates in the documentation.

Steffen Ullrich
  • 114,247
  • 10
  • 131
  • 172
  • Alright, then how is the browser able to make that post request? When I tried to access that specific URL within my browser I received the same error. So, I don't know how Chrome is able to successfully make that post request yet not successfully access that specific URL. – logan_b Nov 18 '17 at 15:21
  • @HunterBetz: I'm not sure I understand you: in one sentence you ask how the browser is able to make this post request but in another sentence you say that the browser received the same error, i.e. was not successful. From my understanding these are contradictory statements. Anyway, in my opinion the browser needs to have a client certificate too which you must provide. If you don't provide any the browser will fail too. – Steffen Ullrich Nov 18 '17 at 16:21