REST APIs Simplified! - Build and Consume in Python

Flask.tar.gz

Get Products

Get Product

Create Product

Update Product

Delete Product

Product OPTIONS

REST is the most used mechanism to publish APIs for general consumption. Each language has its own set of libraries and methods that help a developer consume these APIs. This course will teach you how to use Python and its libraries for consuming and creating REST APIs in the easiest way possible.

In the first part of this course, you’ll learn how to work with Python in using REST APIs for various scenarios. Then, in the second part, you’ll focus on building your own REST APIs using the HTTP methods, including GET, PUT, etc.

This course is geared toward intermediate users who have a basic understanding of Python and want to improve their skills in using existing REST APIs and building their REST API implementations.

Python REST API Development: A Comprehensive Guide

# How to ignore verification

A certificate signed by a Certificate Authority (CA) forms the basis of HTTPS-enabled websites and services. The CA itself is a certificate (cert) that is used to sign other certs. However, if the CA cert used by the service isn't present in the client's system, then there are two approaches:

1. Ignore the cert verification process and proceed to fetch data from the endpoint.
2. Load the CA cert manually, pass it on to the verification process, and then proceed to fetch data from the endpoint.

The most common reason for a CA cert to not be present in the system is that the server cert is self-signed, i.e., the owner of the service has issued both the server cert and the CA cert. From a security standpoint, approach 1 should be used only until the CA cert is obtained from the owner of the service. Once it's obtained, approach 2 should replace approach 1.

In this lesson, we'll look at how to ignore the verification of certificates. We'll use the `requests` library that we decided upon in the last lesson. The service that we'll use for checking our REST client code will be https://self-signed.badssl.com, as it provides a self-signed certificate for testing purposes.

>**Note:** We'll be building upon the example created in the last lesson to create two REST clients, one with SSL verification enabled and one without, to demonstrate both responses. 

The `requests` library accepts a set of options to configure the underlying connection. One of them relates to the verification of SSL certs. 

Without further ado, let's start.

Learn how to connect to a server by ignoring the server's self-signed certificate.

Introduction

Client

Server

Project: Tickets API

Conclusion

Connect to a Server with SSL: How to Ignore Verification

How to ignore verification