问题
I've installed Anaconda and had SSL problems when trying to do API calls via Jupyter Notebooks:
import requests
import certifi
r = requests.get('https://github.com/')
print(r)
This first produced a SSL connection error. Which I could solve after extensive search and the help of our IT department. The solution here was to add the company root certificate to certifi cert storage.
Now for other requests unfortunately I still have the same problems. Example code calling the Google Analytics API with google2pandas package:
from google2pandas import *
query = {
'reportRequests': [{
'viewId' : 37616054,
'dateRanges': [{
'startDate' : '8daysAgo',
'endDate' : 'today'}],
'dimensions' : [
{'name' : 'ga:date'},
{'name' : 'ga:pagePath'},
{'name' : 'ga:browser'}],
'metrics' : [
{'expression' : 'ga:pageviews'}],
'dimensionFilterClauses' : [{
'operator' : 'AND',
'filters' : [
{'dimensionName' : 'ga:browser',
'operator' : 'REGEXP',
'expressions' : ['Firefox']},
{'dimensionName' : 'ga:pagePath',
'operator' : 'REGEXP',
'expressions' : ['iPhone']}]
}]
}]
}
# Assume we have placed our client_secrets_v4.json file in the current
# working directory.
conn = GoogleAnalyticsQueryV4(secrets='Analytics.json')
df = conn.execute_query(query)
Here I still get the SSL error I had on the simple call before as well:
C:\ProgramData\Anaconda3\lib\ssl.py in _create(cls, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, context, session) 848 # non-blocking 849 raise ValueError("do_handshake_on_connect should not be specified for non-blocking sockets") --> 850 self.do_handshake() 851 except (OSError, ValueError): 852 self.close()
C:\ProgramData\Anaconda3\lib\ssl.py in do_handshake(self, block)
1106 if timeout == 0.0 and block: 1107
self.settimeout(None) -> 1108 self._sslobj.do_handshake() 1109 finally: 1110 self.settimeout(timeout)SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1045)
I believe there is another library in use, that doesn't rely on certifi? But I don't have any idea on where and how to add my root certificate, so all iPython requests will work.
Any ideas are appreciated.
回答1:
I spent a few days figuring out how to solve this problem. Finally I add the CA certificate of my company in a configuration file used by requests library. You can check the path of this file by:
import requests as r
print(r.certs.where())
Just add the certificate at the bottom of it!
回答2:
You can monkey-patch the __init__ method of ssl.SSLSocket so that it always ignores SSL certificate verification by forcing the cert_reqs=CERT_NONE parameter.
Add this to the beginning of your script:
import ssl
orig_sslsocket_init = ssl.SSLSocket.__init__
ssl.SSLSocket.__init__ = lambda *args, cert_reqs=ssl.CERT_NONE, **kwargs: orig_sslsocket_init(*args, cert_reqs=ssl.CERT_NONE, **kwargs)
回答3:
I've made progress. httplib2 is the package, that caused the problems. It has it's own cacerts.txt, where I added the root certificate as well now.
Cheers,
Andreas
来源:https://stackoverflow.com/questions/52870795/windows-python-ssl-certificate-verify-failed