0

I am using gspread to access google spreadsheet but it is showing SSLError.

Similar thing is happening when I am using requests library. 

import gspread
from oauth2client.service_account import ServiceAccountCredentials

scope = ['https://spreadsheets.google.com/feeds',
         'https://www.googleapis.com/auth/drive']

credentials = ServiceAccountCredentials.from_json_keyfile_name('credentials.json', scope)

gc = gspread.authorize(credentials)`

The error is :

SSLCertVerificationError                  Traceback (most recent call last)
<ipython-input-1-87ec55398e31> in <module>
      7 credentials = ServiceAccountCredentials.from_json_keyfile_name('credentials.json', scope)
      8 
----> 9 gc = gspread.authorize(credentials)


SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1051)
S0AndS0
  • 860
  • 1
  • 7
  • 20
Ankit Shankhala
  • 13
  • 5
  • Please provide use your code. We cannot help without heaving more details. – jeanggi90 Mar 22 '19 at 17:12
  • 1
    "unable to get local issuer certificate" : a certificate you received is signed by a CA you do not trust, as you do not have the CA certificate. So you need to add the relevant CA certificate to your trust store so that remote certificate can be verified. – Patrick Mevzek Mar 22 '19 at 17:21
  • @PatrickMevzek How can we add them if you can shed some light over that part also. – Ankit Shankhala Mar 22 '19 at 17:32
  • A quick search for `CA` errors involving `gspread` shows a [closed GitHub issue](https://github.com/burnash/gspread/issues/223) with some suggestions that maybe helpful. However, I'd advise using a `venv` for testing anything suggested there as there's some _less than good_ security practices suggested to resolve this. The TLDR version is that `certifi` is usually the underlining cause of headaches. Oh and the other suggestion, found on [SO](https://stackoverflow.com/a/31793275/2632107), looks promising as far as modifying `venv` certs. – S0AndS0 Mar 22 '19 at 18:09
  • I already answered this here: https://stackoverflow.com/a/56549510/8538812 – Guillermo Aguirre Jun 11 '19 at 18:15

1 Answers1

0

It works for me with requests == 2.21.0 and certifi == 2018.11.29 so first thing I'd check is if the versions you have are older (especially certifi).

Also, if this is caused by certifi, you should be able to work around by resetting the trust store used by requests to shared system trust store, you can find the path by running:

python3 -c 'import ssl; print(ssl.get_default_verify_paths())'

look for value of cafile or openssl_cafile and then (replace $cafile with the value obtained):

export REQUESTS_CA_BUNDLE=$cafile

See also this bug.

mig4
  • 341
  • 2
  • 5