IdentityNow Bulk Role Importer - SSL Connect Issue

Identity Security Cloud (ISC) ISC Discussion and Questions
,
1

Hello Experts,

Our requirement is to create bulk roles in ISC automatically for which we wanted take leverage of “IdentityNow Bulk Access Profile and Role Importer” as per the below URL.

https://community.sailpoint.com/t5/Professional-Services/IdentityNow-Bulk-Access-Profile-and-Role-Importer/ta-p/77382

However, When we tried to trigger the Bulk Role Importer file, we got the attached error(related to SSL connect, network protocol).
One of the prerequisites for using the Bulk Role Importer is as under:
“This also requires outbound access over HTTPS (443) for REST calls to IdentityNow”.

I am looking for ways on how to overcome the cited error. Looking forward for suggestions on this.

Thanks,
Kartheek

Screenshot-1
Screenshot-11298×380 294 KB

Screenshot-2
Screenshot-21030×763 61.8 KB

2

hi @kartheek_gopu ,
Here are two potential solutions:

  1. If you’re using a VPN, try disconnecting and then run your code again. This might solve the issue.
  2. If disconnecting from the VPN isn’t feasible, you can modify your Ruby code by adding the following line:
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

Place this line right after:

http.use_ssl = true

Make sure to add http.verify_mode = OpenSSL::SSL::VERIFY_NONE after every instance of http.use_ssl = true in your code.

I have also found similar post here : Deleting Access Profiles and Roles in Bulk

1 Like
3

@kartheek_gopu If you have VPN enabled please disable and try again.

4

Screenshot-3
Screenshot-31344×349 232 KB

Got the above error(Socket) when tried to execute by disconnecting the VPN

5

Could you please try once method 2 suggested?

6

Screenshot-4
Screenshot-41191×454 284 KB

Tried method2 by adding the additional piece of code in “role importer.rb”. Still getting the above SSL Connect error.

7

Have you checked in all places, there might be multiple places where ttp.use_ssl = true , so after every instance add this line http.verify_mode = OpenSSL::SSL::VERIFY_NONE

8

Screenshot-5
Screenshot-51366×172 6.07 KB

Placed “http.verify_mode” after “http.use_ssl” at 5 places in the script. Still getting the above SSL error

9

@kartheek_gopu please follow the steps provided in below post:
IdentityNow Bulk AccessProfile and Role Importer - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community

image
image889×612 64.2 KB

1 Like
10

@shekhardas1825 :

Screenshot-6
Screenshot-6777×340 22.1 KB

Downloaded the “cacert.pem” file into my local system, added the system variable in environment variables. Got the above error response. Am i missing something here?

11

@kartheek_gopu Can you close cmd, reopen it and they try?

12

@shekhardas1825 : Still getting the same error. I have placed the pem file in my local directory rather than directly in C Drive as my system is not allowing to create new folders in directly in C drive due to permission issue.

13

did you save the “cacert.pem” under “C:\railsinstaller” folder? you will see this folder in you C drive.

14

@shekhardas1825 : I dont have any “railsinstaller” folder within C Drive.
I have placed the pem file in my local system(C:\Users\kgopu\Desktop\identitynow-bulk-configuration\identitynow-bulk-configuration\PEM\cacert.pem). Anyway, I am referring this path in System Variables. Will this be an issue?

15

you did not installed ruby?

16

I have Ruby 2.4.1 Installed in my local system as its a prerequisite for Bulk Role importer

17

Okay, please copy the “cacert.pem ” under “\Ruby32-x64\bin\etc\ssl” wherever you have installed the ruby and update you system variable with this path.

Close all your cmd and try.

18

Have you tried to set this?

 http.use_ssl = false
19

@mpotti : Still getting the same SSL Error after updating “http.use_ssl = false”

Screenshot-7
Screenshot-71358×176 7.95 KB

20

My System is not allowing to place the pem file in the Ruby Installed SSL folder(as its installed in C drive, permission issues are there)