3

I am using Python zeep to make a SOAP request. For SSL verification, HostHeaderSSLAdapter was added as my URL https://dev_alias:8096/some_soap, contains an alias rather than the actual host name.

This below code with requests works OK. So I would assume session is correct. 

import requests
from requests_toolbelt.adapters import host_header_ssl
from zeep.transports import Transport
from zeep import Client, Settings

url = 'https://dev_alias:8096/some_soap'
params = {'param1': 'value1'}

session = requests.Session()
session.verify = 'CertBundle.pem'
session.mount('https://', host_header_ssl.HostHeaderSSLAdapter())

headers = {'SOAPAction': '""', 'Content-Type': 'text/xml; charset=utf-8'}
message = b"<?xml version=\'1.0\' encoding=\'utf-8\'?>....</soap-env:Envelope>"

session.post(url, data=message, headers=headers)

However, when the same session is used for zeep's Transport, this code fails.

transport = Transport(session=session)
client = Client(url, transport=transport)
client.service.some_service(params)

SSLError: HTTPSConnectionPool(host='actual_hostname', port=8096): 
Max retries exceeded with url: /some_soap (Caused by SSLError(CertificateError(
"hostname 'actual_hostname' doesn't match 'dev_alias'",),))

How can I turn off host name verification with zeep? Using zeep version 3.4.0 0 and requests 2.22.0

E.K.
  • 4,179
  • 8
  • 30
  • 50

2 Answers2

2

for testing purposes maybe you can disable ssl verification as explained here https://python-zeep.readthedocs.io/en/master/transport.html

In this case, change your session.verify line to

session.verify = False

Note that you almost certainly don't want to do this in a production system.

Thayne
  • 6,619
  • 2
  • 42
  • 67
Andrea Bisello
  • 1,077
  • 10
  • 23
  • 2
    A link to a solution is welcome, but please ensure your answer is useful without it: [add context around the link](//meta.stackexchange.com/a/8259) so your fellow users will have some idea what it is and why it’s there, then quote the most relevant part of the page you're linking to in case the target page is unavailable. [Answers that are little more than a link may be deleted.](//stackoverflow.com/help/deleted-answers) – Dharman Nov 15 '19 at 00:04
1

Might be a bit late to the party, but just to provide a full code snippet expanding on Andreas answer:

from zeep import Client
from zeep.transports import Transport

url = 'https://dev_alias:8096/some_soap'

# create a custom transport object turn off verification in it's session
transport = Transport()
transport.session.verify = False

client = Client(url, transport=transport)
client.service.some_service()

I had some issues figuring out the correct syntax myself, hope this helps.

Leon Menkreo
  • 129
  • 4