I have the follwing script:
from currency_converter import CurrencyConverter
test = CurrencyConverter('http://www.ecb.europa.eu/stats/eurofxref/eurofxref.zip')
I try to run it on machine with windows 10 and python 3.6.7 and always get this error:
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:847)>
Running it on other windows 10 machines with python 3.6 works fine. I tried it on this machine with python 3.7 and get the same error. What could be wrong with the python installation ?
The reason it worked on MS Edge and not in Brave is because Brave doesn't have root ca added in trusted certificates. You need to add your ROOT_CA certificate in brave browser.
Related
I'm sending some code to a server which has a soap api and a self signed certificate according to firefox.
I'm using this code this works only in python 3.6:
url="https://ws.hph.hu:10446/v1b/OrderInfos.svc"
message="""soap xml"""
s = requests.Session()
s.headers = {}
headers={"Content-Type":"text/xml; charset=utf-8",
"SOAPAction":"soap-action",
"Expect":"100-continue",
"Connection":"Keep-Alive"}
r=s.post(url,data=message,headers=headers,verify=False)
if i delete the verify=False parameter in python 3.6 i get this error Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)
if i run the code in 3.10 or any whersion above 3.6 i get the following error with or without verify=False:
[Errno 10054] An existing connection was forcibly closed by the remote host.
I'm trying to use youtube DL with FFmpeg to download an m3u8 stream. Just recently I started receiving this error:
ERROR: Unable to download webpage: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED]
certificate verify failed: unable to get local issuer certificate (_ssl.c:992)>
(caused by URLError(SSLCertVerificationError(1,
'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed:
unable to get local issuer certificate (_ssl.c:992)')))
I know Youtube DL supports an option for nocheckcertificate but by enabling this after a couple of minutes the target machine will refuse the connection. When trying to use the same m3u8 stream on another computer, I could download the stream without any issues.
I know that someone from Youtubedl CERTIFICATE_VERIFY_FAILED suggested fixing "your system's CA certificate list". What is the process of doing this?
I tried upgrading/reinstalling python and reinstalling the latest Windows update
I also want to mention that there hasn't been any issue with downloading for the past year but recently stumbled upon this when switching proxy providers. But because the same setup works on another PC without any issue it's probably not the reason.
The system the program is running on is Windows
Edit: Another note is that downloading other public m3u8 streams works perfectly fine, so the problem is probably with the system CA SSL.
From a python app attempting to make an HTTPS request I'm hitting an error which I'm struggling to understand:
[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1129)
I presume this is coming from OpenSSL. But besides the handshake failing, it doesn't tell me what the problem is. IE: it doesn't tell me why the handshake failed or what step of it failed.
Various links on google give things to try, but give no reason why they might work. I have tried them but nothing worked so far. Based on these results I have tried:
upgrading certifi
running the certificate install script in mac python install directory
upgrading the python version
Is there any way to get more information about this error?
Steffen Ullrich pointed out that this error is server-side. This may be useful to others debugging. For us the problem was that we were not sending a client certificate when we were supposed to be.
For now, just a work around - folks on this fourm led me to try
compare openssl ciphers (identical in both my good and bad environments)
openssl s_client -connect news.somewhere.com:563 (worked)
then add the following python code based on output from the above:
import ssl
cntxt = ssl.create_default_context()
cntxt.set_ciphers("AES256-GCM-SHA384")
import nntplib
nntp = nntplib.NNTP_SSL('news.somewhere.com', ssl_context=cntxt)
which solved the SSLV3_ALERT_HANDSHAKE_FAILURE I was getting. (You will want to select the cipher that worked in that s_client test connection to your server.)
There are a dozen library and module version differences between my two environments, but in general the old environment uses python-3.9.7 and the new (broken but now running environment) uses python-3.10.5
Hopefully this narrows things down a bit.
I am making a bot for Discord using discord.py. I've seen multiple threads on this but are still experiencing issues. I am on Mac an every time I try to run my script in VS Code, I get this error raise ClientConnectorCertificateError(
aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host discordapp.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108)')]
As seen here, you'll need to go to Applications/Python 3.X/ and you'll see a folder called Install Certificates.command.
Double-click that and you should be fine when you run your bot again.
To fix the issue please do the below:
Install this package: https://pypi.org/project/certifi/
pip install certifi
Go to your Terminal an paste this:
/Applications/Python\ 3.11/Install\ Certificates.command
Note: maybe you must change the Python version to your actual version
I'm using the following code to interact with a Magento webstore using the XMLRPC api. Magento API Python XMLRPC
Everything was working ok until we made a change on our web server to SSL
Now I'm getting the following error.
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)
I'm not sure why the certificate is failing as we have an EV certificate and all browsers are showing this as ok.
My connection string is:
How can I resolve this / over-ride the code
I'm fairly new to Python so please go easy :o)
magento = MagentoAPI("www.website.co.uk", 443, "myUsername", "myPassword", "/api/xmlrpc", True)
Python, or better the OpenSSL library it is using, can not verify the validity of the certificate of the server. There are many possible reasons: bad configuration, missing intermediate or CA certificate, wrong CN...
A first step could be to go to this site and let it test the SSL/TLS capabilities of the server: https://www.ssllabs.com/ssltest/
It will give you hints on how to solve problems as well.
Python verifies certs via its own bundle, check where it is located by
>>> import certifi
>>> certifi.where()
'/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-
packages/certifi/cacert.pem'
and add your certificates to the end of that file.