As an experiment I'm trying to do a GET request to https://google.com with a specified ca file.
The certificate of Google was retrieved through the following openssl command:
openssl s_client -showcerts -connect google.com:443 </dev/null 2>/dev/null|openssl x509 -outform PEM >mycertfile.pem
Using this certificate, I make a GET request with the following code:
cafile = "mycertfile.pem"
r = requests.get("https://google.com", verify=cafile)
print(r.status_code)
Why does this not work and result in an SSL certificate verification failure?
Traceback (most recent call last):
File "C:/Users/jarno/Projects/pyplayground/main.py", line 6, in <module>
r = requests.get("https://google.com", verify=cafile)
File "C:\Users\jarno\Projects\flasktest\venv\lib\site-packages\requests\api.py", line 76, in get
return request('get', url, params=params, **kwargs)
File "C:\Users\jarno\Projects\flasktest\venv\lib\site-packages\requests\api.py", line 61, in request
return session.request(method=method, url=url, **kwargs)
File "C:\Users\jarno\Projects\flasktest\venv\lib\site-packages\requests\sessions.py", line 530, in request
resp = self.send(prep, **send_kwargs)
File "C:\Users\jarno\Projects\flasktest\venv\lib\site-packages\requests\sessions.py", line 643, in send
r = adapter.send(request, **kwargs)
File "C:\Users\jarno\Projects\flasktest\venv\lib\site-packages\requests\adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='google.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)')))
