So the hard coding of SSL Certificate Verification to False within orionsdk-python (and the associated run time warnings) was getting to me, so I did a GitHub Pull request (here) to enable passing down a value for verify. With this patch applied you can now do:
import orionsdk
swis = orionsdk.SwisClient("SolarWinds-Orion", "username", "password", verify="server.pem")
swis.query("SELECT NodeID from Orion.Nodes")
And have it reject invalid SSL Cert,
However it turns out it's not that much use as the server (tested against NPM 12.0RC1) has a very long (until 2040) self-signed cert with a CN of SolarWinds-Orion. It looks very much like each poller in a Orion platform has same cert.
So has anyone tried to secure Orion when using the SDK? There is a number of issues to over come above the inability to enable verification. And I'm thinking the response via support will be not possible/supported...?