SSL: WRONG_VERSION_NUMBER

Question

I am posting a request like this:

requests.post(URL, headers=HEADERS, cookies=COOKIES, data=DATA, proxies=proxy_list[ip_index], timeout=4)

and getting back the bellow error:

HTTPSConnectionPool(host='www.example.com', port=443): Max retries exceeded with url: /someurl (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1123)')))

Answer 1

In my case it was caused by a typo in the URL:

If the URL has https protocol, python will try to perform an SSL handshake and the server won't understand it. SSL library will get confused by the response and throw an error.

So, replacing the protocol did the trick:

https://example.com

http://example.com

Answer 2

This fixed my problem under linux:

pip3 install urllib3==1.23

Answer 3

Depending on your proxy settings, the proxy server can be to blame for this. If you have set an https_proxy to an https:// path the proxy server can interfere with the validation process of TLS. Changing this to an http://proxy.address allows the proxy server to open the connection, and then the TLS handshake to occur between host and destination.

It can be useful to try curl -v with similar settings to see what's going on, as the python ssl bindings can misinterpret/obscure errors from the underlying library.

At the root of this, I speculate that a recent update in long-term stable images of distros like Debian has led to a raft of these issues emerging where they were perhaps previously invisible.