Menu
Article Case Studies

python requests module verify

Narkw Brahma

Narkw Brahma

• 2 min read

Python Requests Module Verify

If you are working with Python and need to make HTTP requests, the requests module is a popular choice. It is easy to use, well documented, and has a lot of functionality built-in.

When making requests, you may come across the verify parameter. This parameter is used to specify whether or not to verify the SSL certificate of the server you are making a request to.

Using verify=True

By default, the verify parameter is set to True. This means that when you make a request, the SSL certificate of the server will be verified. If the certificate is invalid, you will get an error like this:

requests.exceptions.SSLError: HTTPSConnectionPool(host='www.example.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1076)')))

If you are making requests to a public URL, like https://www.google.com, then you don't need to worry about setting the verify parameter. The SSL certificate for these sites is already trusted by your operating system.

Using verify=False

If you are making requests to a private URL, like https://myprivatewebsite.com, then you may need to set the verify parameter to False. This is because the SSL certificate for these sites may not be trusted by your operating system.

When you set verify=False, requests will not verify the SSL certificate of the server. This means that if the SSL certificate is invalid, you will not get an error. However, it also means that your connection is not secure.

import requests

response = requests.get('https://myprivatewebsite.com', verify=False)

print(response.content)

It is generally not recommended to set verify=False unless you know what you are doing and have a good reason to do so.

Using a Custom CA Bundle

If you are making requests to a private URL and want to verify the SSL certificate of the server, but the SSL certificate is not trusted by your operating system, then you can specify a custom CA bundle.

A CA bundle is a file that contains trusted SSL certificates. You can download a CA bundle from a trusted source, or you can create your own.

# Path to the custom CA bundle
ca_bundle_path = '/path/to/ca_bundle.pem'

response = requests.get('https://myprivatewebsite.com', verify=ca_bundle_path)

When you set verify to the path of your custom CA bundle, requests will use the certificates in the bundle to verify the SSL certificate of the server.

Using a custom CA bundle is the recommended way to verify SSL certificates for private URLs that are not trusted by your operating system.

Share