SSL bad handshake error with Python requests

Question

I am getting an SSL "bad handshake" error when using a python script with requests to log in to https://selfserve.publicmobile.ca/Overview/

Here's the error:

Traceback (most recent call last):
  File "/home/pi/Documents/repos/private-repos/public-mobile-usage-scraping/pm_usage_scraping_to_db.py", line 55, in <module>
    r = s.get(URL)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 526, in get
    return self.request('GET', url, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 513, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 623, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/adapters.py", line 514, in send
    raise SSLError(e, request=request)
SSLError: ("bad handshake: Error([('SSL routines',  'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')],)",)

I know that a workaround is setting verify=False but will leave me vulnerable, especially since I want to send my username and password over this.

From my research, it seems like the website is missing an intermediate certificate (see https://www.ssllabs.com/ssltest/analyze.html?d=selfserve.publicmobile.ca).

Is that true? Where/how do I find the intermediate certificate to add it to my code?

Alternatively, how bad is it if I make a non-SSL request to that site with my account credentials, considering I am only doing that from my home network?

I am new to python and web scraping, and have only a rudimentary of SSL and web security. Thank you so much for help!

Answer 1

s.get(***, verify=False) you try, cancal verify