i'm a teacher in a high school and we're using python to code. I'm trying to install packages like pygame and mysql.connector but the firewall is blocking me from using pip...
I get the following error messages:
Could not fetch URL https://pypi.org/simple/pip/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pip/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1123)'))) - skipping
Any chance there is a way to do this around the firewall? I've already tried contacting our IT tech but they can't or won't help. We need this for our senior pupils and their computing projects.
Thanks!!
You're going to have a bad time if you can't even install pip packages on those PCs.
My recommendation instead would be to create VM images with all the dependencies installed at home and just bring them to the school PCs.
This was the standard at my university's CS degree at least. We were provided with pre-configured environment for pretty much every lecture (operating systems, programming, computer networks etc.) - as a plus, that way the professors didn't have to waste time "troubleshooting" unique issues with environment.
Link for Oracle's Open-source VM
Related
I'm trying to use youtube DL with FFmpeg to download an m3u8 stream. Just recently I started receiving this error:
ERROR: Unable to download webpage: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED]
certificate verify failed: unable to get local issuer certificate (_ssl.c:992)>
(caused by URLError(SSLCertVerificationError(1,
'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed:
unable to get local issuer certificate (_ssl.c:992)')))
I know Youtube DL supports an option for nocheckcertificate but by enabling this after a couple of minutes the target machine will refuse the connection. When trying to use the same m3u8 stream on another computer, I could download the stream without any issues.
I know that someone from Youtubedl CERTIFICATE_VERIFY_FAILED suggested fixing "your system's CA certificate list". What is the process of doing this?
I tried upgrading/reinstalling python and reinstalling the latest Windows update
I also want to mention that there hasn't been any issue with downloading for the past year but recently stumbled upon this when switching proxy providers. But because the same setup works on another PC without any issue it's probably not the reason.
The system the program is running on is Windows
Edit: Another note is that downloading other public m3u8 streams works perfectly fine, so the problem is probably with the system CA SSL.
From a python app attempting to make an HTTPS request I'm hitting an error which I'm struggling to understand:
[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1129)
I presume this is coming from OpenSSL. But besides the handshake failing, it doesn't tell me what the problem is. IE: it doesn't tell me why the handshake failed or what step of it failed.
Various links on google give things to try, but give no reason why they might work. I have tried them but nothing worked so far. Based on these results I have tried:
upgrading certifi
running the certificate install script in mac python install directory
upgrading the python version
Is there any way to get more information about this error?
Steffen Ullrich pointed out that this error is server-side. This may be useful to others debugging. For us the problem was that we were not sending a client certificate when we were supposed to be.
For now, just a work around - folks on this fourm led me to try
compare openssl ciphers (identical in both my good and bad environments)
openssl s_client -connect news.somewhere.com:563 (worked)
then add the following python code based on output from the above:
import ssl
cntxt = ssl.create_default_context()
cntxt.set_ciphers("AES256-GCM-SHA384")
import nntplib
nntp = nntplib.NNTP_SSL('news.somewhere.com', ssl_context=cntxt)
which solved the SSLV3_ALERT_HANDSHAKE_FAILURE I was getting. (You will want to select the cipher that worked in that s_client test connection to your server.)
There are a dozen library and module version differences between my two environments, but in general the old environment uses python-3.9.7 and the new (broken but now running environment) uses python-3.10.5
Hopefully this narrows things down a bit.
I am trying to use endpoint from apify.com. When I run my request in web browser with token everything is fine but if I run my request via requests library from python console I am getting following error:
SSLError: HTTPSConnectionPool(host='', port=443): Max retries exceeded with url: /endpoint?token=token (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1131)')))
Moreover if I set verify = False in my request than request is working. Does anyone have an idea what can be wrong? Thanks in advance
I had this issue come up a few weeks ago.
>>> pip install certifi
>>> python -m certifi
I'm not certain that one needs to actually call the module to get it's functionality, but I did and it solved the error. More info on Certifi here. It is also a recommended package extension to requests from their website. I added those lasts bits because I was wary of installing a package that ostensibly was never called after installation.
Solution was to install internal company SSL package for managing SSL connection from python. There was a recent change.
For my company's project, i need to use ESRI arcgis python API to access the data in our Enterprise ArcGIS portal.
After installing the arcgis library, i did a test of the connection via GIS().
the code looks as below
gis = GIS( profile="link to the portal",username ="username",password="password",verify_cert = False ,proxy_host='username:password#proxy_host',proxy_port=proxy_port)
But it gives me an error as below
Please set verify_cert=False due to encountered SSL error: HTTPSConnectionPool(host='www.arcgis.com', port=443): Max retries exceeded with url: /sharing/rest/generateToken (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1123)')))
The error still exists even though i set verify_cert = False
Also i tried to set the proxy in the environment beforehand
os.environ['https_proxy'] = "http://proxy"
No luck as well.
my openssl version is OpenSSL 1.1.1k 25 Mar 2021-
It's very appreciate if anyone could provide me some solutions
we managed to get past this error by downgrading urllib3 to 1.25.11 in the python virt env after installing arcgis, using pip install urllib3==1.25.11
then connected using out proxy gis = GIS(the_url, verify_cert=False, proxy_host="our.proxy", proxy_port=port_num)
When running sam build --use-containers to create an AWS python 3.8 lambda function that uses a downloaded library, I am getting an error:
pip._vendor.requests.exceptions.SSLError: HTTPSConnectionPool(host='files.pythonhosted.org', port=443): Max retries exceeded with url: /packages/d0/32/6c367f54699bd51961cf3e10299f6dee976f0f6813210052a4d8c2bd1d2b/pymemcache-3.2.0-py2.py3-none-any.whl (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate is not yet valid (_ssl.c:1108)')))
I checked the certificate on https://files.pythonhosted.org, and the cert is marked as starting on 7/13/2020. it's currently 7/14/2020.
I see that I can set the trusted hosts option to hopefully avoid this, (similar to: pip install fails with "connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)"), but when PIP is being run from within a container via a script Im not sure how to set it.
if looks like I can use an environment variable to set the PIP trusted hosts as well, but I am not sure how to set that in the docker image used by SAM
(running on a windows 10 system)