Keycloak 20.0.1 and flask-oidc issue

Snadder · January 11, 2023, 11:12am

Hi, I have have vm running keycloak with certs for https, these are valid certs with Globalsign as issuer. So then thought that my flask app running flask-oidc should be able to verfiy the certificate, but instead after pressing login to keycloak i get ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)

Anyone know how to solve this?
I thought that as long as the rootCA is available in httlib2 that flask-oidc uses it would validate, but it does not. I have checked that httplib2 has the rootCA for my certificates, and it is there. Could not find the intermediary cert, but added it manual, but still it fails

reddybhavaniprasad · April 12, 2023, 10:33am

@Snadder can you please share the solution here?. I am also facing the similar issue.

2023-04-12,10:19:00.620 ERROR {__init__} [_validate_token] ERROR: Unable to get token info
2023-04-12,10:19:00.621 ERROR {__init__} [_validate_token] [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)

The same client_secrets.json is working fine with unsecured keycloak endpoints but throws the above error with secured keycloak endpoints.

So I need suggestions on adding secured keycloak endpoints to the client_secrets.json file.

Topic		Replies	Views
OIDC SSL certs not being sent as part of header Getting advice	0	353	May 9, 2020
Fixed: Unable to locate keystore file Securing applications oidc	9	4776	October 8, 2021
Terminal OIDC Client, Keycloak and http redirects Getting advice oidc	7	4519	October 13, 2019
Login with keycloak	0	399	November 4, 2020
Unable to resolve CORS issue with all permissive web origins Configuring the server authentication	0	515	January 17, 2023

Keycloak 20.0.1 and flask-oidc issue

Related Topics