Skip to main content
Sign in to support Start for free

Common SSL Issues on Python and How to Fix it

Rizaldy Putra
  • Updated

 

SSL certificate_verify_failed errors typically occur as a result of outdated Python default certificates or invalid root certificates.

When client receives the server’s certificate, it begins chaining that certificate back to its root. It will begin by following the chain to the intermediate that has been installed, from there it continues tracing backwards until it arrives at a trusted root certificate.

If the certificate is valid and can be chained back to a trusted root, it will be trusted. If it can’t be chained back to a trusted root, the browser will issue a warning about the certificate.



Common issues : 

  • CERTIFICATE_VERIFY_FAILED
  • [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate.

    sslissues1.png

How to fix it : 

We will have several ways to fix this issue in this article.  We will skip the SS certificate check in the first three solutions.  For the fourth solution, we are going to install the latest CA certificate from certifi.

Common Quick Fixes for All OS :

import ssl 
import certifi from urllib.request 
import urlopen 

request = "https://nd-123-456-789.p2pify.com/901c7d18b72538fd3324248e1234" urlopen(request, context=ssl.create_default_context(cafile=certifi.where()))


Or we can try it in several ways as per in below articles

1. Create unverified context in SSL

import ssl
context = ssl._create_unverified_context()
urllib.request.urlopen(req,context=context)

 

2. Create unverified https context in SSL

import ssl
ssl._create_default_https_context = ssl._create_unverified_context
urllib2.urlopen(“https://google.com”).read()

 

3. Use requests module and set ssl verify to false

requests.get(url, headers=Hostreferer,verify=False)

 

4. Update SSL certificate with PIP

We can also update our SSL certificate With PIP.  All we would have to do is  to update our SSL certificate directory with the following piece of code:

pip install –upgrade certifi

What this command does is update our system’s SSL certificate directory.

 

5. Update SSL certificate with certifi (MacOS only)

All we would have to do is to run command with the following piece of code:

- Press "command + space" button or open Spotlight
- type "Install Certificates.command"

What this command does is update our system’s SSL certificate directory for MacOS.


For more references :
- Stackoverflow
- How to use Linux

Related articles

Comments

0 comments

Article is closed for comments.