Python Request. [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)

Question

In my python script, i am trying to call my api as follows:

with requests.Session() as session:
  url= 'https://example.com'
  headers = {
            'Content-Type': 'application/x-www-form-urlencoded'
  }

request_parameters = {'username': 'test', 'password':'pass'}
response = (session.post(auth_url, data=request_parameters, headers=headers))

I am getting the following exception:

 File "C:\Users\Programs\Python\Python36\lib\site-packages\requests\sessions.py", line 518, in post return self.request('POST', url, data=data, json=json, **kwargs)

File "C:\Users\Programs\Python\Python36\lib\site-packages\requests\sessions.py", line 475, in request
resp = self.send(prep, **send_kwargs)

File "C:\Users\Programs\Python\Python36\lib\site-packages\requests\sessions.py", line 585, in send
r = adapter.send(request, **kwargs)

File "C:\Users\Programs\Python\Python36\lib\site-   packages\requests\adapters.py", line 477, in send

raise SSLError(e, request=request)

requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)

I want to call my service as https://example.com. It works for http:// connection but does not work for https://. What should i do for https connection? Also, when i call the service through Rest Client as https it works perfectly. Is there any other way to call the service as https connection?

If you're trying to connect to a domain running through reverse proxy like nginx or apache you have to configure your server using either valid certificate from a legitimate provider (better), or self signed certificate (worse). — dmitryro, Jun 28 '16 at 00:32
is there any other way to do that except configuring the server? Why does it work via Advance Rest Client? — Anmol Bhatia, Jun 28 '16 at 00:35
If you're using domain name, domain name has an associated public IP and DNS record (CNAME) - if you create something within a VPN you can talk through IP addresses, but using public domain name assumes you're using a server, having some sort of certificate and SSL enabled. You can still use localhost and 127.0.0.1 for local tests. — dmitryro, Jun 28 '16 at 00:41

score 4 · Answer 1 · answered Jun 28 '16 at 00:58

You can disable SSL verification, but it is not recommended.

If you know and trust the site that you are posting data to, it's okay, but be aware that if it was hijacked you would be posting data to something malicious until you realized it was compromised.

with requests.Session() as session:
    session.post('https://google.com', data={'hello': 1}, verify=False)

This is the warning that you will receive when not using verification:

C:\Users\vsyrakis\AppData\Local\Continuum\Anaconda3\lib\site-packages\requests\packages\urllib3\connectionpool.py:791: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html InsecureRequestWarning)

warnings can be disabled like this: requests.packages.urllib3.disable_warnings() — KingMak, Jul 11 '17 at 14:14

Python Request. [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)

1 Answers1