1

I'm getting an SSLError while submitting a request against https://myaccount.xcelenergy.com (and am not nearly enough of an SSL expert to understand why). Can you help me see what the issue is (and how to address it)?

Environment

  • macOS 10.13.2
  • LibreSSL 2.2.7 (installed via Homebrew)
  • Python 3.6.4 (installed via Homebrew)
  • Requests 2.18.4 (installed via pipenv)
  • Certifi 2017.11.5 (installed via pipenv)

Code

import requests requests.get('https://myaccount.xcelenergy.com')

Stacktrace

Traceback (most recent call last): File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/urllib3/connectionpool.py", line 595, in urlopen self._prepare_proxy(conn) File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/urllib3/connectionpool.py", line 816, in _prepare_proxy conn.connect() File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/urllib3/connection.py", line 326, in connect ssl_context=context) File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 329, in ssl_wrap_socket return context.wrap_socket(sock, server_hostname=server_hostname) File "/usr/local/Cellar/python3/3.6.4/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 407, in wrap_socket _context=self, _session=session) File "/usr/local/Cellar/python3/3.6.4/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 814, in __init__ self.do_handshake() File "/usr/local/Cellar/python3/3.6.4/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 1068, in do_handshake self._sslobj.do_handshake() File "/usr/local/Cellar/python3/3.6.4/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 689, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/requests/adapters.py", line 440, in send timeout=timeout File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/urllib3/connectionpool.py", line 639, in urlopen _stacktrace=sys.exc_info()[2]) File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/urllib3/util/retry.py", line 388, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='myaccount.xcelenergy.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)'),)) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/requests/api.py", line 72, in get return request('get', url, params=params, **kwargs) File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/requests/api.py", line 58, in request return session.request(method=method, url=url, **kwargs) File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/requests/sessions.py", line 508, in request resp = self.send(prep, **send_kwargs) File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/requests/sessions.py", line 618, in send r = adapter.send(request, **kwargs) File "/Users/abach/.local/share/virtualenvs/pyxcel-PG9DCiyE/lib/python3.6/site-packages/requests/adapters.py", line 506, in send raise SSLError(e, request=request) requests.exceptions.SSLError: HTTPSConnectionPool(host='myaccount.xcelenergy.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)'),))

What I've Tried (to no avail)

# Specifically calling out local cert chain: requests.get('https://myaccount.xcelenergy.com', verify='/usr/local/etc/openssl/cert.pem') # Using Certifi's old chain: requests.get('https://myaccount.xcelenergy.com', verify=certifi.old_where())
Improve this question

1 Answer 1

Reset to default
1

There is currently a known issue with OSX's Python3.6 and OpenSSL that might be related to what you're seeing. I was able to fix it by installing certifi, then making a symlink in OpenSSL's directory. All of that can be done for you by running the following from bash:

Applications/Python 3.6/Install Certificates.command

See this related question: ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:747) on OS X

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

That did it. Thank you!

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.