Tags: kubernetes, arangodb, python-arango

SSL Certificate Error with python-arango Library


I am trying to connect the Python-Arango library to an application. I have set up ArangoDB on Kubernetes nodes using this tutorial. My YAML file for the cluster is like this:

---
apiVersion: "database.arangodb.com/v1alpha"
kind: "ArangoDeployment"
metadata:
  name: "arango-cluster"
spec:
  mode: Cluster
  image: arangodb/arangodb:3.7.6
  tls:
    caSecretName: arango-cluster-ca
  agents:
    storageClassName: my-local-storage
    resources:
      requests:
        storage: 2Gi
  dbservers:
    storageClassName: my-local-storage
    resources:
      requests:
        storage: 17Gi
  externalAccess:
    type: NodePort
    nodePort: 31200

Setup seems fine, since I am able to access the web UI as well as through Arango shell. However, when I am using the python-arango library to connect my application to the DB, I am getting a certificate related error:

Max retries exceeded with url: /_db/testDB/_api/document/demo/10010605 (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))

When doing kubectl get secrets, I see arango-cluster-ca there, which I have explicitly mentioned in the YAML file above. I have also set the verification flag in the Python code to False as follows:

db = client.db(name='testDB', verify=False, username='root', password='')

Yet, it does not bypass the verification as expected.

I would like to understand what I could have missed - either during setup, or in the Python call - which is not letting me bypass this SSL certificate error issue, or whether it's possible to set the certificate up. I tried this Arango tutorial to set up a certificate, but it did not give me success.

Thanks.


Solution

  • The only workaround I was able to figure out was to opt for the unsecured route. Instead of having arango-cluster-ca in the spec.tls.caSecretName field of the arango cluster config file, I set the field to None. It allowed me to connect with http without any issues.

    Would still like to know if there is some workaround to get it connected via https, so I am still open to answers, else I would close this.
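An added example (not from the question or the answer) of the https route: instead of turning TLS off, trust the CA that kube-arangodb stored in the arango-cluster-ca secret, so the client verifies the server certificate. It assumes python-arango's DefaultHTTPClient can be subclassed to set the requests session's CA bundle, uses a placeholder PEM and node address, and relies on the fact that the `verify` argument of `client.db()` only sends a test request and is not a TLS verification switch.

```python
"""Connect python-arango over https by trusting the kube-arangodb CA."""
import base64
import json
import os
import tempfile

# Constructed sample in the shape of `kubectl get secret arango-cluster-ca -o json`.
# The PEM bodies are placeholders, not real key material.
SAMPLE_SECRET_JSON = json.dumps({
    "data": {
        "ca.crt": base64.b64encode(
            b"-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n-----END CERTIFICATE-----\n").decode(),
        "ca.key": base64.b64encode(
            b"-----BEGIN RSA PRIVATE KEY-----\nPLACEHOLDER\n-----END RSA PRIVATE KEY-----\n").decode(),
    },
})

def extract_ca_pem(secret_json: str) -> bytes:
    """Return the decoded ca.crt of a Secret document; ca.key is never copied out."""
    data = json.loads(secret_json).get("data", {})
    if "ca.crt" not in data:
        raise KeyError("secret has no ca.crt entry")
    pem = base64.b64decode(data["ca.crt"])
    if b"BEGIN CERTIFICATE" not in pem:
        raise ValueError("ca.crt is not PEM encoded")
    return pem

def write_ca_bundle(pem: bytes, directory=None) -> str:
    """Write the CA PEM to a file only the current user can read and return its path."""
    fd, path = tempfile.mkstemp(prefix="arango-ca-", suffix=".pem", dir=directory)
    with os.fdopen(fd, "wb") as fh:
        fh.write(pem)
    os.chmod(path, 0o600)
    return path

def connect(ca_bundle_path, host="https://NODE-IP:31200", db_name="testDB",
            username="root", password=""):
    """Open a python-arango connection that verifies the server against the cluster CA."""
    from arango import ArangoClient  # imported here so the helpers above run without it
    from arango.http import DefaultHTTPClient  # assumed subclassable, as documented

    class VerifyingHTTPClient(DefaultHTTPClient):
        def create_session(self, host):
            session = super().create_session(host)
            session.verify = ca_bundle_path  # requests checks chain and hostname against this CA
            return session

    client = ArangoClient(hosts=host, http_client=VerifyingHTTPClient())
    # `verify` below only sends a test request; it does not control TLS verification.
    return client.db(db_name, username=username, password=password, verify=True)
```

If verification then fails on the hostname rather than the chain, the external address is missing from the server certificate; kube-arangodb's spec.tls.altNames can add it, which keeps verification on.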