Posted on
by

Hello with client cert my old friend. Today I needed to connect a ticket system to you.

I had to tweak it a little though, because I have no idea where to put client certificates for Python’s requests lib and my current customer requires that. Any HTTPS request without will fail with status code 400: No required SSL certificate was sent. On top it’s a self signed so let’s ignore self signed server certs (I know…).

For this I edited ~/.local/lib/python3.11/site-packages/bugzilla/_backendxmlrpc.py line 43 from this:

        # pylint: disable=raise-missing-from
        try:
            response = self.__bugzillasession.request(
                "POST", url, data=request_body)

to

        # pylint: disable=raise-missing-from
        cert = ()
        verify = True
        
        if url.startswith('https://bugzilla.example.com/'):
            log.debug("Adding client certs for url: %s", url)
            cert=('/path/to/client.crt', '/path/to/client.key')
            verify = False

        try:
            response = self.__bugzillasession.request(
                "POST", url, verify=verify, data=request_body,
                cert=cert)

This time I even added my extra bits in a conditional way so other bugzilla configs should not be affected. There may be better ways to achieve this but I’ve seen no obvious in the docs at https://bugwarrior.readthedocs.io/en/latest/services/bugzilla.html – YMMV.

Leave a Reply

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)