9

Since roughly a week or two ago, I've not been able to use pip at all, as it always kicks back the following error:

ERROR: Could not install packages due to an EnvironmentError: HTTPSConnectionPool(host='files.pythonhosted.org', port=443): Max retries exceeded with url: /packages/1b/e5/552ba65835ab43e12b299458fea94ee23886125b8b8aabc91edb03f2ba65/pandas-1.1.3.tar.gz (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122)')))

I've tested it on and off my company VPN, and even tried on my personal laptop (running Mojave, as opposed to Windows 10 on my main laptop). Both my home internet as well as a hot spot on my phone. As well, I've remoted in to one of my companie's Australian machines and was having the same problem.

I've not updated my python version (3.9.0) or pip version (20.2.3), or changed my pip usage, so just a super perplexing issue to arise suddenly. https://status.python.org/ says that everything is up too.

Is there something I am doing wrong?

Full CMD text if its helpful:

C:\Users\Caleb.Clough\Digital>pip install pandas

Collecting pandas

WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122)'))': /packages/1b/e5/552ba65835ab43e12b299458fea94ee23886125b8b8aabc91edb03f2ba65/pandas-1.1.3.tar.gz WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122)'))': /packages/1b/e5/552ba65835ab43e12b299458fea94ee23886125b8b8aabc91edb03f2ba65/pandas-1.1.3.tar.gz

WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122)'))': /packages/1b/e5/552ba65835ab43e12b299458fea94ee23886125b8b8aabc91edb03f2ba65/pandas-1.1.3.tar.gz

WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122)'))': /packages/1b/e5/552ba65835ab43e12b299458fea94ee23886125b8b8aabc91edb03f2ba65/pandas-1.1.3.tar.gz

WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122)'))': /packages/1b/e5/552ba65835ab43e12b299458fea94ee23886125b8b8aabc91edb03f2ba65/pandas-1.1.3.tar.gz

ERROR: Could not install packages due to an EnvironmentError: HTTPSConnectionPool(host='files.pythonhosted.org', port=443): Max retries exceeded with url: /packages/1b/e5/552ba65835ab43e12b299458fea94ee23886125b8b8aabc91edb03f2ba65/pandas-1.1.3.tar.gz (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122)')))

Maelig
  • 2,046
  • 4
  • 24
  • 49
Cluf
  • 91
  • 1
  • 1
  • 2
  • Does this answer your question? [pip install fails with "connection error: \[SSL: CERTIFICATE\_VERIFY\_FAILED\] certificate verify failed (\_ssl.c:598)"](https://stackoverflow.com/questions/25981703/pip-install-fails-with-connection-error-ssl-certificate-verify-failed-certi) – Jeril Oct 12 '20 at 05:21

5 Answers5

39

Can you try the following:

$ pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org <package_name>

in your case

$ pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org pandas

You can also permanently add the trusted host to config as follows:

pip config set global.trusted-host "pypi.org files.pythonhosted.org pypi.python.org"

and use pip install the normal way

python -m pip install pandas
Jeril
  • 7,858
  • 3
  • 52
  • 69
  • Thanks for your help @Jeril. Curiously, this command allows pip to work on my personal Mac, but not my work computer running Windows 10. I still get the 'Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1122' error. Tried it in Git Bash to see if it was a CMD vs. bash issue, but doesn't work in either case. Could it be a firewall issue from my company? – Cluf Oct 13 '20 at 02:26
  • Maybe because of the firewall in your company, you need to download it locally and try. I generally download windows python libraries from [here](https://www.lfd.uci.edu/~gohlke/pythonlibs/) – Jeril Oct 13 '20 at 08:04
  • 1
    How to confirm if this is firewall issue? I need to provide evidence to company's Network team as they dont go by our development software environment issue as their issue. If there is any way to pinpoint the error is due to firewall setting. – Adil Mar 09 '22 at 18:22
6

Pandas is a PyPI repo. It means that it stores in the PyPI servers. If you can't pip install it, it means that your pip doesn't trust PyPI as a "Python package authority".

What can you do:

To solve the issue, I would have added PyPI to the list of trusted hosts, from which you can pip install stuff.

  1. Make sure you have pip.conf file:

    in windows: %HOME%\pip\pip.ini

    in Linux: $HOME/.pip/pip.conf

  2. Make the file looks like this:

    [global]
    trusted-host = pypi.python.org

Then run:

pip install pandas
Oz Shabat
  • 1,434
  • 17
  • 16
  • 1
    Men, you saved my life. After checking why my machine was unable to pip install from a custom location behind a proxy, it turns out that this config file had a wrong setting. – Don Charlie Oct 18 '22 at 23:33
0

If you have installed the latest version of Cisco Any Connect try to uninstall Cisco Umbrella module.

Sergey Sheremet
  • 1
  • 1
0

There are 2 ways to bypass the above SSL Verification:

  1. If you are running a python script then you can set curl ca bundle environment variable as empty and that should resolve it:
os.environ['CURL_CA_BUNDLE'] = ''
  1. If you are using a python library directly like pipreqs then you can export the environment variable to the current shell as mentioned below:
export CURL_CA_BUNDLE=''
suthar_arun
  • 81
  • 1
  • 5
0

Old post. But answering for my future self and anyone else who gets stuck at this!

First locate the pip.conf(linux):

[root@localhost ~]# pip3 config -v list
For variant 'global', will try loading '/etc/xdg/pip/pip.conf'
For variant 'global', will try loading '/etc/pip.conf'
For variant 'user', will try loading '/root/.pip/pip.conf'
For variant 'user', will try loading '/root/.config/pip/pip.conf'
For variant 'site', will try loading '/usr/pip.conf'

If not already present, then you can create the pip.conf file at any one of these locations (This is valid for virtual env as well). Ref. https://pip.pypa.io/en/stable/cli/pip_config/#cmdoption-user for variant specification.

Then add below sources to pip.conf file:

trusted-host = pypi.org
               pypi.python.org
               pypi.org
               pypi.co
               files.pythonhosted.org
               pip.pypa.io

Save and start with pip install or download as usual..

To locate cert, install certifi and run below piece of code:

[root@localhost ~]# python3 -c "import certifi; print(certifi.where())"
/usr/local/lib/python3.6/site-packages/certifi/cacert.pem
Kiran Roy
  • 1
  • 1