Original Slack Thread
<@U06TM7M40RK>, just trying to connect PowerBI Report Server to get all the information, but have a certificate issue apparently. Here is the code i’m running :
type: powerbi-report-server
config:
username: '${PBI_RS_USN}'
password: '${PBI_RS_PW}'
workstation_name: srv****
host_port: 'srv***.******-****.**:80'
server_alias: powerbi-dev.****.fr
env: DEV
report_virtual_directory_name: reports
report_server_virtual_directory_name: ReportServer
extract_ownership: true
ownership_type: TECHNICAL_OWNER```
Running on latest version.
Error returning is :
```<class 'requests.exceptions.SSLError'>: HTTPSConnectionPool(host='powerbi-dev.****.fr', port=443): Max retries exceeded with url: /reports/reports/api/v2.0/Reports (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)')))```
The error message you’re encountering indicates that there is an SSL certificate verification issue when trying to connect to your PowerBI Report Server. This is a common issue when using self-signed certificates or when the certificate chain is not recognized by the client.
Here are some steps to resolve this issue:
-
Verify SSL Certificate: Ensure that the SSL certificate used by your PowerBI Report Server is valid and trusted by the client machine. If it’s a self-signed certificate, you may need to add it to the trusted certificates on your client machine.
-
Set REQUESTS_CA_BUNDLE
Environment Variable: You can set the REQUESTS_CA_BUNDLE
environment variable to point to your CA certificate file. This ensures that the requests library used by DataHub can verify the SSL certificate.
export REQUESTS_CA_BUNDLE=/path/to/ca_certificate.pem
-
Disable SSL Verification (for Testing): If you are in a development environment, you can temporarily disable SSL verification to see if the issue is related to SSL/TLS. This is not recommended for production environments.
Update your ingestion recipe to include the disable_ssl_verification
parameter:
sink:
type: datahub-rest
config:
server: 'https://datahub-gms.trusted.visa.com'
token: '${DATAHUB_GMS_TOKEN}'
max_threads: 1
disable_ssl_verification: true # Temporarily disable SSL verification
-
Check Server Configuration: Ensure that the PowerBI Report Server is correctly configured to accept HTTPS connections on the specified port (443 in this case).
-
Review the Ingestion Recipe: Ensure that all other parameters in the ingestion recipe are correctly configured, including username
, password
, workstation_name
, server_alias
, and env
.
Would you like more detailed steps or further assistance on any specific part of this configuration?
Sources:
<@U06TM7M40RK> how could I get the Datahub GMS Token ?
To obtain a DataHub GMS token, you need to generate a Personal Access Token (PAT) from the DataHub UI. Here are the steps to do so:
-
Enable Metadata Service Authentication: Ensure that metadata service authentication is enabled in your DataHub deployment. This is a prerequisite for using Personal Access Tokens. You can enable it by setting the METADATA_SERVICE_AUTH_ENABLED
environment variable to true
in your GMS and frontend configurations. For Kubernetes deployments, you can set global.datahub.metadata_service_authentication.enabled
to true
in your Helm values file (https://datahubproject.io/docs/0.13.1/authentication/personal-access-tokens|source).
-
Generate Personal Access Token:
-
Use the Token: Once you have the token, you can use it to authenticate API requests to DataHub by including it in the Authorization
header as a Bearer token:
Authorization: Bearer <your-personal-access-token>
-
Environment Variable: You can also set the token as an environment variable for use in CLI or scripts:
export DATAHUB_GMS_TOKEN=<your-personal-access-token>
Would you like more detailed steps or further assistance on any specific part of this process?
Sources: