CODEWITHSUNDEEP
pythonamazon-web-servicessslconnection
alexa
alexa

Reputation: 221

I receive SSL CERTIFICATE_VERIFY_FAILED when doing poetry install

I am trying to create a virtual environment and I was able to do in the past with poetry install. But now when trying to do a poetry install, I receive this message:

Max retries exceeded with url: /pypi/six/1.16.0/json (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')))

  at ~/.poetry/lib/poetry/_vendor/py3.9/requests/adapters.py:514 in send
      510│                 raise ProxyError(e, request=request)
      511│ 
      512│             if isinstance(e.reason, _SSLError):
      513│                 # This branch is for urllib3 v1.22 and later.
    → 514│                 raise SSLError(e, request=request)
      515│ 
      516│             raise ConnectionError(e, request=request)
      517│ 
      518│         except ClosedPoolError as e:

Upvotes: 17

Views: 29403

Answers (5)

Potato
Potato

Reputation: 475

In your poetry.toml file you have [[tool.poetry.source]] section in the following format:

[[tool.poetry.source]]
name = "my-custom-name"
url = "your.custom.repository.url"
default = true

Then you can do the following:

  1. RUN poetry config certificates.my-custom-name.cert path-to-certificate - set path to certificate
  2. RUN poetry config certificates.nexus-repository.cert false - disable certificate check

Upvotes: 0

Axel Borja
Axel Borja

Reputation: 3974

To complete the answers about MacOs, If installed Python through brew you will not find the executable Install Certificates.command.

But you can fix the issue by installing certifi through brew, via: brew install certifi

Upvotes: 0

danibachini
danibachini

Reputation: 329

what worked for me (MacOS) go to Applications > Python folder > double click on "Install Certificates.command" file

Upvotes: 32

Christoffer
Christoffer

Reputation: 81

It seems like Python's requests library cannot find your certificates.

Have you configured a custom repository with a self-signed certificate? If so I have not found a great solution to this problem. In that case, please see whether you have set your CURL_CA_BUNDLE environment variable:

$ echo $CURL_CA_BUNDLE

If this points to some custom location/self-signed certificate, requests is not able to use its standard certificate bundle. You can unset it(might have side effects on services that uses it):

export CURL_CA_BUNDLE=""

If you have not configured any custom repository/certificates:

You might be able to solve this by installing certifi

Upvotes: 8

Brian Anderson
Brian Anderson

Reputation: 129

Python 3.7 when installed on MacOSX systems needs to run a script to install certificate dependencies on your system for python environment via bash.

#!/bin/sh

/Library/Frameworks/Python.framework/Versions/3.7/bin/python3.7 << "EOF"

# install_certifi.py
#
# sample script to install or update a set of default Root Certificates
# for the ssl module.  Uses the certificates provided by the certifi package:
#       https://pypi.org/project/certifi/

import os
import os.path
import ssl
import stat
import subprocess
import sys

STAT_0o775 = ( stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR
             | stat.S_IRGRP | stat.S_IWGRP | stat.S_IXGRP
             | stat.S_IROTH |                stat.S_IXOTH )

def main():
    openssl_dir, openssl_cafile = os.path.split(
        ssl.get_default_verify_paths().openssl_cafile)

    print(" -- pip install --upgrade certifi")
    subprocess.check_call([sys.executable,
        "-E", "-s", "-m", "pip", "install", "--upgrade", "certifi"])

    import certifi

    # change working directory to the default SSL directory
    os.chdir(openssl_dir)
    relpath_to_certifi_cafile = os.path.relpath(certifi.where())
    print(" -- removing any existing file or link")
    try:
        os.remove(openssl_cafile)
    except FileNotFoundError:
        pass
    print(" -- creating symlink to certifi certificate bundle")
    os.symlink(relpath_to_certifi_cafile, openssl_cafile)
    print(" -- setting permissions")
    os.chmod(openssl_cafile, STAT_0o775)
    print(" -- update complete")

if __name__ == '__main__':
    main()
EOF

This is the contents of the bash script which installs certifi package ssl certs. It should also be located in your installed Python folder in Applications.

cd /Applications/Python\ 3.7/
./Install\ Certificates.command

Upvotes: 1

Related Questions