1

I am hoping someone has gone through this and hopefully has a working Python script. I have been trying to pull MTA logs from Mimecast. So far, I have tried the codes from the below websites:

https://www.mimecast.com/tech-connect/documentation/endpoint-reference/logs-and-statistics/get-siem-logs/

https://github.com/JoshuaSmeda/mimecast_log_collector

https://github.com/bsdkid/mimecast-api-class/blob/master/get-TTP.py

The error I get is

SSLError: HTTPSConnectionPool(host='api.mimecast.com', port=443): Max retries exceeded with url: /api/login/discover-authentication (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)'),))

I also have all the necessary credentials, such as user(account), password, app_id, app_key, access_key, and secret_key. Unfortunately, nothing has worked for me.

Any help is much appreciated.

Thanks

Infinite_Loop
  • 380
  • 1
  • 7
  • 18

1 Answers1

2

You probably got some sort of SSL inspection happening in your environment.

Have you tried testing on a another test instance perhaps where there is no transparent proxy filtering internet traffic.

You can also try using the SSL verify argument (set to false) for the API request to ignore the cert validation issue.

Arg: 

verify=False

Example based on https://github.com/JoshuaSmeda/mimecast_log_collector: 

try:
  r = requests.post(url='https://api.mimecast.com/api/login/discover-authentication', data=json.dumps(post_body), headers=headers, verify=False)

If it works for the discovery - then add the verify argument to each post. Keep in mind the risks of doing this because you open yourself up to MITM attacks as an example. The risks of HTTP would apply.

Documentation on requests can be found here:

https://buildmedia.readthedocs.org/media/pdf/requests/latest/requests.pdf

Hope this helps.

JoshuaSmeda
  • 39
  • 7