python requests certificate verify failed

Python Requests Certificate Verify Failed

If you are trying to make an HTTPS request using Python Requests library and you encounter a "certificate verify failed" error, it means that the SSL certificate of the server you are trying to connect to is not trusted by your system's certificate authorities. This is a security measure to prevent man-in-the-middle attacks.

The following are some ways to fix this issue:

1. Disable SSL Verification

The easiest way to bypass the certificate verification is to disable it altogether. However, this is not recommended as it exposes you to security risks. You can disable SSL verification by adding the "verify=False" parameter to your requests.get() or requests.post() method.


    import requests
    response = requests.get('https://example.com', verify=False)
    

Note that this method will not verify the SSL certificate of the server, so use it at your own risk.

2. Install the Server's SSL Certificate

If you trust the server and want to verify its SSL certificate, you can install the certificate on your system. This will add the certificate to your trusted certificates store, and Python will be able to verify it.

  • First, obtain the certificate file from the server. You can usually download it from the server's website, or use OpenSSL to extract it.
  • Save the certificate file with a .pem extension.
  • Set the "verify" parameter of your requests.get() or requests.post() method to the path of the .pem file.

    import requests
    response = requests.get('https://example.com', verify='/path/to/certificate.pem')
    

This method will verify the SSL certificate of the server using the installed certificate.

3. Update Your System's Certificate Store

If the server's SSL certificate is issued by a trusted certificate authority, but your system does not recognize it, you may need to update your system's certificate store. This will add the certificate authority's root certificate to your trusted certificates store, and Python will be able to verify the SSL certificate of the server.

  • First, obtain the root certificate of the certificate authority that issued the server's SSL certificate. You can usually download it from the certificate authority's website.
  • Save the root certificate with a .pem extension.
  • Set the "verify" parameter of your requests.get() or requests.post() method to True.
  • Run the following command to update your system's certificate store:

    # For Debian/Ubuntu-based systems
    sudo apt-get install ca-certificates
    sudo update-ca-certificates
    

This method will add the root certificate of the certificate authority to your trusted certificates store, and Python will be able to verify the SSL certificate of the server.