Introduction
SSL errors occur when the client cannot trust the server’s certificate, either because it is outdated, invalid, or not chained to a trusted root.
When the client receives the server’s certificate, it begins chaining that certificate back to its root. It will begin by following the chain to the intermediate that has been installed, from there it continues tracing backward until it arrives at a trusted root certificate.
If the certificate is valid and can be chained back to a trusted root, it will be trusted. If it can’t be chained back to a trusted root, the browser will issue a warning about the certificate.
Common issues
- CERTIFICATE_VERIFY_FAILED
- [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate.
Solutions
We will have several ways to fix this issue in this article. We will skip the SS certificate check in the first three solutions. For the fourth solution, we are going to install the latest CA certificate from certifi.
Common Quick Fixes for All OS :
import ssl
import certifi from urllib.request
import urlopen
request = "https://nd-123-456-789.p2pify.com/901c7d18b72538fd3324248e1234" urlopen(request, context=ssl.create_default_context(cafile=certifi.where()))
If the quick fix is not effective in your case, please follow the applicable ones from the list below.
1. Create unverified context in SSL
import ssl
context = ssl._create_unverified_context()
urllib.request.urlopen(req,context=context)
2. Create unverified https context in SSL
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
urllib2.urlopen(“https://google.com”).read()
3. Use requests module and set ssl verify to false
requests.get(url, headers=Hostreferer,verify=False)
4. Update SSL certificate with PIP
We can also update our SSL certificate With PIP. All we would have to do is to update our SSL certificate directory with the following piece of code:
pip install –upgrade certifi
What this command does is update our system’s SSL certificate directory.
5. Update SSL certificate with certifi (MacOS only)
All we would have to do is follow the mentioned below steps:
- Press "command + space" button or open Spotlight
- type "Install Certificates.command"
What this command does is update our system’s SSL certificate directory for MacOS.
For more references :
- Stackoverflow
- How to use Linux
If you still have questions or issues, feel free to reach out to our Support team by emailing support@chainstack.com or submitting this form.
Comments
0 comments
Article is closed for comments.