certificate verify failed

Question

certificate verify failed

Opened this issue 9 years ago · 8 comments

When try to create a new status page, i get this message:

Traceback (most recent call last):
  File "<string>", line 233, in <module>
  File "site-packages/click/core.py", line 716, in __call__
  File "site-packages/click/core.py", line 696, in main
  File "site-packages/click/core.py", line 1060, in invoke
  File "site-packages/click/core.py", line 889, in invoke
  File "site-packages/click/core.py", line 534, in invoke
  File "<string>", line 47, in create
  File "<string>", line 155, in run_create
  File "github/AuthenticatedUser.py", line 542, in create_repo
  File "github/Requester.py", line 171, in requestJsonAndCheck
  File "github/Requester.py", line 212, in requestJson
  File "github/Requester.py", line 251, in __requestEncode
  File "github/Requester.py", line 275, in __requestRaw
  File "http/client.py", line 1083, in request
  File "http/client.py", line 1128, in _send_request
  File "http/client.py", line 1079, in endheaders
  File "http/client.py", line 911, in _send_output
  File "http/client.py", line 854, in send
  File "http/client.py", line 1237, in connect
  File "ssl.py", line 376, in wrap_socket
  File "ssl.py", line 747, in __init__
  File "ssl.py", line 983, in do_handshake
  File "ssl.py", line 628, in do_handshake
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:646)
statuspage returned -1

Answer 1 · 2016-03-07T20:08:17.000Z

Are you using the Mac OS X or the Linux binary?

Answer 2 · 2016-03-07T20:49:32.000Z

OS X 10.11.3 (15D21)

Answer 3 · 2016-03-08T00:50:28.000Z

Same error happens to me.

Answer 4 · 2016-03-09T15:15:40.000Z

That's probably an incompatibility between python and openssl http://stackoverflow.com/questions/27804710/python-urllib2-ssl-error/27826829#27826829

Answer 5 · 2016-03-11T07:31:02.000Z

I get the same on Fedora 23

Answer 6 · 2016-04-04T17:15:47.000Z

Man, I get the same.

Answer 7 · 2016-06-26T16:42:51.000Z

This is an easy fix. Set the environment variable SSL_CERT_FILE to point to your cert.pem or similar certificate file. These are not bundled with the binary (nor should they be!).

Answer 8 · 2016-07-08T16:38:04.000Z

Honestly, @jayfk IMHO this is a README fix.

Bundling the certs with the binary seems like a bad choice IMHO. It is not done currently so we are doing the right thing now. If we just specify that this environment variable needs to be set, one should be fine.

Alternatively, we could search multiple paths setting that variable after checking a bunch. This is what libcloud does as shown by this code. We just can't use certifi as that amounts to bundling the certs too.