RWS with a real controller (OmniCore)

andreacarl6
andreacarl6 Modena
edited November 8 in OmniCore
Hello, I'm trying to use the RWS to comunicate with a REAL OmniCore controller.
As first I requested the mastership (or the rmmp in manual) but I obtained the following error:
requests.exceptions.SSLError: HTTPSConnectionPool(host='155.185.56.242', port=443): Max retries exceeded with url: /users/rmmp (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1131)')))

Post edited by Maxim Riabichev on
Tagged:

Answers

  • Maxim Riabichev
    Maxim Riabichev Sweden admin
    edited November 8
    Hello there,

    RWS on OmniCore doesn't accept Self-Signed Certificates.

    Once you get your hands on a Trusted CA Certificate, you can upload it to the controller via RobotStudio as long as it's in the .PEM format.

    I believe you can generate a CA Certificate via https://letsencrypt.org/
    Post edited by Maxim Riabichev on

    Maxim Riabichev
    PC Software Support Engineer
  • Thanks for the reply. I have no experience with certificates so I'm trying to find out about it. I'm trying to generate the certificate via command line from a Linux terminal. Assuming I have generated the correct certificate, where should the certificate be uploaded? Under controller - properties - manage certificates I have the following tab.





    Do you have a standard procedure to generate the correct certificate? because via https://letsencrypt.org/ is not so clear.
    Thanks

  • Hello andreacarl6,

    Unfortunately, I haven't tried this myself yet.

    All I know is that you need to replace the self-signed certificate in rws_store with a trusted CA certificate. 

    Make sure it's in .pem format, meaning the file should contain RSA Private Key and the Certificate in one file.

    So it should look something like this:

    ------------BEGIN RSA PRIVATE KEY-----------
    Bunch of letters and numbers
    ------------END RSA PRIVATE KEY------------
    ------------BEGIN CERTIFICATE--------------
    Bunch of letters and numbers
    ------------END CERTIFICATE----------------

    Perhaps you can find a youtube guide on how to work with letsencrypt?

    Good luck! :smile:

    Best regards,
    Maxim

    Maxim Riabichev
    PC Software Support Engineer
  • andreacarl6 did you manage to get the CA? I'm facing the same problem at the moment. 
  • andreacarl6
    andreacarl6 Modena

    I solved the problem: the certificate is not needed. Just disable certificate verification when creating the session. If you use Postman to test the services do as in the image. Since I use the services through a Python wrapper I have set the “verify” parameter of the session to FALSE. All it’s working perfectly.


  • Maxim Riabichev
    Maxim Riabichev Sweden admin
    edited November 8
    Thank you for sharing this information with the community @andreacarl6!

    For testing purposes I'm sure this will come in handy for many users out there.

    However, please consider the security implications if you decide to take this route in a production environment. 
    Post edited by Maxim Riabichev on

    Maxim Riabichev
    PC Software Support Engineer
  • andreacarl6
    andreacarl6 Modena
    Of course!, in a production environment it's essential to use a certificate. Thank you for the clarification!
  • andreacarl6
    That helped a lot.