So I have been getting the following error when trying to request an HTTPS resource using the python RDFLib module:
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/urllib/request.py", line 1351, in do_open
raise URLError(err)
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)>
What I have tried thus far:
Installed Python 3.10.4 from python.org
Executed the Install Certificates.command successfully tried the request again and I get the same error
Created a virtual environment using python3 -m venv venv which is based on Python 3.10.4, activated it, updated certifi just in case using pip3 install certifi --upgrade as it was suggested in other posts, and tried the request again and I still got the error.
Out of desperation, I did a clean install of Monterey and still get the same error
So it appears that the issue is that the certificates are not actually getting installed even though the command executes successfully:
/Applications/Python\ 3.10/Install\ Certificates.command ; exit;
meh#iMac ~ % /Applications/Python\ 3.10/Install\ Certificates.command ; exit;
-- pip install --upgrade certifi
Requirement already satisfied: certifi in /Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages (2021.10.8)
-- removing any existing file or link
-- creating symlink to certifi certificate bundle
-- setting permissions
-- update complete
Saving session...
...copying shared history...
...saving history...truncating history files...
...completed.
I have actually been trying to solve this for many months, coming back and trying again and again but I can't seem to find a solution.
This seems to be a common issue that is usually resolved by executing the Install Certificates.command but that simply doesn't work for me. It's worth noting that I have the same issue on a brand new MacBook Pro with Monterey.
I would appreciate any suggestions on what I can try next.
It turns out that the target resource has a misconfigured certificate. Since there is no way to disable certificate verification in RDFLib - as far as I can tell - I have worked around the solution by requesting the resource via the python requests module with verify=False instead. Then I load the resource into RDFLib as text.
Related
I am creating a discord bot using pycharm 3.8. while running the code i get the error:
SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108) Discord/python
Naturally I looked this up and found this thread, the solution is to run the install certificates.command. but while running this I get this error:
ERROR: Could not install packages due to an OSError: [Errno 13] Permission denied: '/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/certifi'
Consider using the `--user` option or check the permissions.
Reading this, I used the same command in terminal (both in pycharm and the actual application) but followed by --user. This returns this message:
Requirement already satisfied: certifi in ./.local/lib/python3.8/site-packages (2021.5.30)
This leads me to think that I already have the correct certificates installed... but I still get the error stated at the start of this question. does anyone know how to fix this?
SOURCE CODE
The latest Python versions on MacOS come with their own private copy of OpenSSL. That means the trust certificates in the system are no longer used as defaults by the Python ssl module. To fix that, you need to install a certifi package in your system.
I see that you have done pip install certifi --user, but you also need to install Certificates.command.
Hence this should fix your issue: open /Applications/Python\ 3.8/Install\ Certificates.command
for my job purposes, I need a MacOS, but there is no possibility to use a real mac. So I decided to set up virtual machine, using Virtualbox. After the machine was successfully setup, I've opened the Terminal app and run the following commands:
1)/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)" (Homebrew install)
2)brew install python (Python 3 install)
3)pip3 install numpy
As an output of the last command, I got the next error message:
WARNING: pip is configured with locations that require TLS/SSL, however the ssl module in Python is not available.
ERROR: Could not find a version that satisfies the requirement numpy (from versions: none)
ERROR: No matching distribution found for numpy
Could not fetch URL https://pypi.org/simple/pip/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pip/ (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.")) - skipping
Of course, I've tried to find a solution online. Reinstalling python or openssl via Homebrew didn't help. Linking openssl or installing other CA also didn't solve the problem. How can I actually fix this?
P.C. I also know that Apple is a sh*t company and tries to have minimum hardware and software of other companies. That's why they use LibreSSL instead of OpenSSL. But the last one is one that Python requests in order to have the ability to install packages via pip. After python was installed, the following message was in terminal:
This formula is keg-only, which means it was not symlinked into /usr/local.
If you need to have openssl#1.1 first in your PATH run:
echo 'export PATH="/usr/local/opt/openssl#1.1/bin:$PATH"' >> ~/.bash_profile
Running proposed command also doesn't solve the problem. Any thoughts?
I am trying to get the audio from a YouTube video, using the command:
youtube-dl --extract-audio --audio-format mp3 [video link]
Each time I try to run this command in Terminal on macOS (High Sierra v10.13.2), it gives me this error:
ERROR: Unable to download webpage: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)> (caused by URLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)'),))
Note: I have youtube-dl installed, and also have Python 2.7 and Python 3.6 (if that helps)
If anyone can help me resolve that issue, that would be great.
I've had this issue for a while now and was never able to solve it. So I did the temporary fix of
[ Terminal ]
--no-check-certificate
Sadly, that just turns your HTTPS youtube-dl request into a plain text HTTP request.
After some digging I found that it was a Python v3.6 issue.
https://bugs.python.org/issue29065#msg283984
If you use VIM or any edit to check
vim '/Applications/Python 3.6/ReadMe.rtf'
If you look for ( Certificate verification and OpenSSL\ )
You'll see that ...
During installation of Python v3.6 They decide to use their own private version of OpenSSL, unfortunately that doesn't natively work with the default root certificates. It does however, come with a command script to install a curated bundle of default root certificates.
The bug recommended me to the python certifi module. The modules just seems to be good for finding where your certificate is.
[ Python v3.6 ]
import certifi
certifi.where()
'/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/certifi/cacert.pem'
That really just told where it was, but I did it using the python terminal interpreter just in case.
[ Terminal ]
open '/Applications/Python 3.6/Install Certificates.command'
Me personally this was my terminal response...
[ Terminal ]
-- pip install --upgrade certifi
Requirement already up-to-date: certifi in /Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages
-- removing any existing file or link
-- creating symlink to certifi certificate bundle
-- setting permissions
Traceback (most recent call last):
File "", line 44, in
File "", line 40, in main
PermissionError: [Errno 1] Operation not permitted: 'cert.pem'
logout
Saving session...
...copying shared history...
...saving history...truncating history files...
...completed.
[Process completed]
BUT IT WORKED AND I DON'T HAVE TO DEAL WITH THAT SSL VERIFICATION FAILED ANYMORE! (-.-)\ /(-.-)/
I will try to make a proper approach to the problem rather than just listing what works for me. The following does not require the Install Certificates.command script, which may or may not have been installed along with Python.
Source of the problem
It needs to be pointed out that the source of the error is not Python itself. Looking closely to the error message, you can see that Python just communicates the error produced by the OpenSSL library (called by _ssl.c). If the Python you are using has been installed using homebrew, chances are that more network utilities (e.g. wget) installed using homebrew have similar issues.
This means that in order to fix the problem, we need to make sure that the OpenSSL library used by Python has access to a valid, up-to-date certificates bundle.
Locating the right OpenSSL library
As many OpenSSL libraries may be installed on your system, you need to find the one used by your Python interpreter. The OpenSSL library is loaded by the ssl Python module, so we need to locate that first:
pyssld=$(python3 -c 'import ssl, pathlib; print(pathlib.Path(ssl.__file__).parent)')
echo "$pyssld"
This will print out the directory where we should look for the C library used by the ssl to load OpenSSL. This is done with the following command:
pyssl=$(find "$pyssld" -iname '*ssl*.so')
echo "$pyssl"
Finally, we can check where the OpenSSL library loaded by the Python ssl module is located:
pyopenssl=$(otool -L "$pyssl" | grep libssl | awk '{print $1}')
echo "$pyopenssl"
This shall print something like:
/opt/homebrew/opt/openssl#1.1/lib/libssl.1.1.dylib
This points where the OpenSSL library used by Python is located.
Fixing the problem
Acquiring a certificate bundle
To acquire an up to date certificate bundle to use with OpenSSL library, you can install the Python certifi package.
pip3 install --upgrade certifi
cabundle=$(python3 -c 'import certifi; print(certifi.where())')
echo $cabundle
Adding the new certificate bundle to OpenSSL
Finally, we need to place the certificate bundle where OpenSSL can find it. We know the location of the library. But the bundles are stored in a different directory. To jump to the right directory and link the bundle, use:
cd $(echo "$pyopenssl" | sed -E 's%/opt/(openssl[^/]*).*%/etc/\1%')
ln -sf "$cabundle" cert.pem
Cleanup
After checking that everything works, you can now clean up the environment variables we have used.
unset cabundle pyopenssl pyssl pyssld
Following is the error produced when I try to install "mysql-connector-python" in pycharm. Any help would be great.
Non-zero exit code(1)
Try to run this command from the system terminal. Make sure that you use the correct version of 'pip' installed for your Python interpreter located at 'C:\Users\karan.gupta\AppData\Local\Programs\Python\Python36-32\python.exe'.
Collecting mysql-connector-python
Could not fetch URL https://pypi.python.org/simple/mysql-connector-python/: There was a problem confirming the ssl certificate: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:748) - skipping
Could not find a version that satisfies the requirement mysql-connector-python (from versions: )
No matching distribution found for mysql-connector-python
Run pip install mysql-connector from your Terminal, as the error handler suggests. Or try to run the same command from wherever you've already tried, but without the -python at the end.
Click here!
Use MySQLdb instead, i used it and it's working fine. Method is in the blog.
Hope it will help you
I believe this version of the connector works only with python 2.7, if you try installing it with python 2.7 version, maybe it will work.
I am trying to upload a new python project from my mac to PyPI via:
python setup.py sdist upload -r pypi
When I try to upload a package, I get the following error on OSX:
Submitting dist/PyTreasuryDirect-0.1.0.tar.gz to https://pypi.python.org/pypi
error: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)>
This question is slightly related to these two questions, ssl with pip and when importing the ssl library. However I need setup.py to work in my case, how can I get past this ssl error?
I also get the same error on Python 2.7.9 and Python 3.5 using OSX 10.10.2 (14C109)
The solution for OS X 10.10 is to use its default Python version 2.7.6.
This problem is related to the fact that starting from Python version 2.7.9 certificate validation for stdlib http clients is enabled by default (PEP 476). This issue is described in Python bug tracker.