I know I'm late on this answer, but hopefully this helps someone down the road.
Why you shouldn't turn off verification
While turning off certificate verification is the easiest "solution", it is
not an advisable thing to do. It essentially says,
"I don't care if I trust you or not, I'm going to send you all my information anyway."
This opens you up for a Man-in-the-Middle attack.
If you're connecting to your company's Jira server and it has a
certificate for TLS/SSL, you should be verifying against that.
I'd ask your IT department where that certificate is. It's probably
in some root certificate for your company.
If you're connecting to the server in Chrome (for example)
it should show a lock in the left-hand corner of address bar if it's secured
over TLS/SSL.
You can Right-Click that lock -> Details -> View Certificate
in Chrome.
Okay, so what do I do?
Provide the necessary certificate to the verify
option directly.
jira-python
uses Requests
for HTTP stuff (See documentation).
And according to Requests documentation
you can specify a path to a certificate file in verify
.
Thus, you can provide the root certificate for your company in verify
like so:
jira_options = {
'server': jira_server_name,
'verify': 'path/to/company/root/certificate',
}
If you're using a Windows machine (a safe assumption?), that root
certificate is stored in the registry and the best way to get it
is using wincertstore
.