2

I have been trying to figure this out for a while now and for some reason I get stuck with an ssl issue and have no idea what is going on.

Problem: I have installed python2.7 and easy_install2.7, but when trying to install pip with easy_install2.7 I get the following error.

[root@cops-wc-01]# /usr/local/bin/easy_install-2.7 pip Searching for pip Reading https://pypi.python.org/simple/pip/ Download error on https://pypi.python.org/simple/pip/: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590) -- Some packages may not be found! Couldn't find index page for 'pip' (maybe misspelled?) Scanning index of all packages (this may take a while) Reading https://pypi.python.org/simple/ Download error on https://pypi.python.org/simple/: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590) -- Some packages may not be found! No local packages or download links found for pip error: Could not find suitable distribution for Requirement.parse('pip')

It is trying to download, but this SSL cert verification failure is preventing it.

Does anyone know a way around this, or a way to resolve it?

Sorry if it is a noob question :)

[root@cops-wc-01]# uname -a Linux 2.6.32-504.30.3.el6.x86_64 #1 SMP Wed Jul 15 10:13:09 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux [root@cops-wc-01]#

Centos 6

jmg0880
  • 115
  • 1
  • 8
  • 19

11 Answers11

6
apt-get install ca-certificates

If you missed this package.

Qi Luo
  • 841
  • 10
  • 15
4

On my device (that runs nix), 

$ date showed ...1969

so I had to set the date to a more recent time :

$ date -s "26 MAR 2017 13:16:00"

Then the SSL error was gone.

Tom
  • 962
  • 1
  • 14
  • 32
1

YAS (Yet Another Solution)
I had the same issue.
Tried everything above.
My issue was fixed by upgrading pip and setuptools:

$ pip install -U pip setuptools

I also tried to add an entry in my ~/.pip/pip.conf file:

[global]
trusted=https://pypi.your.domain
Franck
  • 71
  • 1
  • 2
0

Most likely pip does not have the required CA certificates to validate that.

You can force pip to use openssl's CAs to see if it helps.

Community
  • 1
  • 1
tstark81
  • 478
  • 3
  • 13
  • 1
    Thanks for the link. I took a look and could not find ~/.pip/pip.conf. – jmg0880 Sep 25 '15 at 00:25
  • If it is not there, you can create it yourself. It is ok. – tstark81 Sep 25 '15 at 00:28
  • Also, when trying to issue the command listed I get the following error: /usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning. InsecurePlatformWarning -------------- Could not find a version that satisfies the requirement pep8 (from versions: ) No matching distribution found for pep8 – jmg0880 Sep 25 '15 at 00:29
  • Something looks wrong there. You said you installed python2.7, but the error message is from a python 2.6 interpreter. If you still get this error on 2.7, you can find a workaround [here](https://github.com/pypa/pip/issues/2681) – tstark81 Sep 25 '15 at 00:35
  • It is most likely because the trouble I am having is installing pip using easy_install2.7. default pip is using 2.6 :( – jmg0880 Sep 25 '15 at 00:36
  • Have you tried this tutorial: https://github.com/h2oai/h2o-2/wiki/Installing-python-2.7-on-centos-6.3.-Follow-this-sequence-exactly-for-centos-machine-only ? – tstark81 Sep 25 '15 at 00:46
  • Yep, that is the tutorial I followed and I got hung up when trying to install pip using easy_install2.7 and go the [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed error – jmg0880 Sep 25 '15 at 00:53
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/90573/discussion-between-jmg0880-and-tstark81). – jmg0880 Sep 25 '15 at 00:54
0

The easiest solution that worked for me:

  1. From https://pypi.python.org/pypi/pip, download 'pip-8.1.2.tar.gz'
  2. Install it with pip, "pip install ./pip-8.1.2.tar.gz"
  3. On the ubuntu server, the new version pip may be installed in a different location. If checking version with 'pip --version', it's still an older version one, like pip 1.5.6. To install a package with the new version pip, straightforwardly use the absolute path for convenience:

/home/tom/.local/bin/pip install ./gensim-0.13.1.tar.gz

Install dependencies one by one, errors like this below can be bypassed.

Download error on https://pypi.python.org/simple/pip/: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590) -- Some packages may not be found!"

Tom
  • 3,168
  • 5
  • 27
  • 36
0

On macbook put this line in ~/.bash_profile:

export SSL_CERT_FILE=/usr/local/etc/openssl/cert.pem

And forget about this error.

Of course, if you don't have openssl - run brew install openssl. And don't forget to do . .bash_profile after first edit of .bash_profile.

Nikolay Fominyh
  • 8,946
  • 8
  • 66
  • 102
0

I ran the following commands to resolve the issue:

$ curl https://bootstrap.pypa.io/get-pip.py >> get-pip.py
$ python get-pip.py

This upgraded pip to v9.0.3, and this version has no issues.

mech
  • 2,775
  • 5
  • 30
  • 38
simbawesley
  • 11
  • 2
0

Since this is currently the top hit on Google for this issue I thought I would share my solution. As weird as it is. I'm on CentOS 7, Python3.6 although I believe it doesn't matter which Python version.

The SSLError / CERTIFICATE_VERIFY_FAILED was also happening for me when I ran a fresh copy of get-pip.py.

The solution was to run the install command with output piped to a file, so python get-pip.py &> output. I haven't had the time to find out why not having a TTY affects the environment for the script.

Tom Winch
  • 131
  • 6
0

If you are running behind a web filter or firewall, please ensure SSL inspection/decryption is disabled or bypassed for the domain *.pythonhosted.org (or more specifically, files.pythonhosted.org). May also need to include pypi.org.

I'm running Python on an enterprise workstation and this has been the culprit in our environment across Windows and Linux hosts. Confirmed with our older system, a Broadcom ProxySG on prem web filter appliance, and later through Cisco's Umbrella Cloud Gateway/SIG product.

Cheers

Meticulous7Seven
  • 1
  • 1
0

I had pip install [SSL: CERTIFICATE_VERIFY_FAILED] errors caused by a corporate Secure Web Gateway (SWG) changing the remote SSL certs to ones signed by a non-standard CA. This was complicated by pip not passing CLI flags to subprocesses, so using CLI flags would work for simple pip installs, but fail if pip needed to build the module.

Fix was to add the SWG cert to a standard bundle (eg from https://curl.se/docs/caextract.html) and then tell pip to use the customised bundle via the PIP_CERT environment variable as per https://github.com/pypa/pip/issues/5502

ADD ../ssl/myCaCerts.pem /usr/local/share/myCaCerts.pem
ENV PIP_CERT=/usr/local/share/caCert.pem
RUN pip install <TheModule>
Steve Campbell
  • 51
  • 2
-1

I didn't realize that there is a command "python -M ensurepip after 7.9. This fixed my issue.

jmg0880
  • 115
  • 1
  • 8
  • 19
  • hmm i didn't understand this answer, what we need to do to fix it? just run `python -M ensurepip` ?? which doesn't work in my case – Satish Nov 17 '21 at 17:43
  • I believe the command should be `python -m ensurepip` – wsams Jan 31 '23 at 16:48
  • This command won't solve `[SSL: CERTIFICATE_VERIFY_FAILED]` because `pip` is what produced that error trying to reach out to pypi.org. – wsams Jan 31 '23 at 16:52