My python requests code does not accept the self-signed certificate but curl does. It turns out python requests are very strict on the self-signed certificate. It needs to be a root CA certificate. In other words, Basic Constraints: CA:TRUE Key Usage: Digital Signature, Non Repudiation, Key Encipherment, Certificate Sign
Go to the folder where Python is installed, e.g., in my case (Mac OS) it is installed in the Applications folder with the folder name 'Python 3.6'. Now double click on 'Install Certificates.command'.
But it doesn't explain how to install python-certifi-win32 to start with since pip is non functional. The trick is to use --trustedhost to install python-certifi-win32 and then after that, pip will automatically use the windows certificate store to load the certificate used by the proxy.
Since the SSL stack of Python is based on OpenSSL and OpenSSL expects only trusted certificate authorities in the trust store (i.e. given with verify) and a server certificate is not CA certificate it will not help to add it to the trust store.
@alanjds What if I want to either configure python to trust some ssl cert or to disable certificate verification but globally in the environment, without editing the source code?
Python by default just accepts and uses SSL certificates when using HTTPS, so even if a certificate is invalid, Python libraries such as urllib2 and Twisted will just happily use the certificate. How do I verify a certificate in Python?
Running mac os high sierra on a macbookpro 15" Python 2.7 pip 9.0.1 I Tried both: sudo -H pip install --trusted-host pypi.python.org numpy and sudo pip install --trusted-host pypi.python.org numpy it always gives me the same error: "There was a problem confirming the ssl certificate: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol ...
I want to use Python Requests to get the contents of internal company web page (say, https://internal.com). I can see this page in the browser, and I can "view the certificate." So now I want to ...
