pip install fails with "connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)"
PythonWindowsSslPipPython Problem Overview
I am very new to Python and trying to > pip install linkchecker
on Windows 7. Some notes:
- pip install is failing no matter the package. For example,
> pip install scrapy
also results in the SSL error. - Vanilla install of Python 3.4.1 included pip 1.5.6. The first thing I tried to do was install linkchecker. Python 2.7 was already installed, it came with ArcGIS.
python
andpip
were not available from the command line until I installed 3.4.1. > pip search linkchecker
works. Perhaps that is because pip search does not verify the site's SSL certificate.- I am in a company network but we do not go through a proxy to reach the Internet.
- Each company computer (including mine) has a Trusted Root Certificate Authority that is used for various reasons including enabling monitoring TLS traffic to https://google.com. Not sure if that has anything to do with it.
Here are the contents of my pip.log after running pip install linkchecker
:
Downloading/unpacking linkchecker
Getting page https://pypi.python.org/simple/linkchecker/
Could not fetch URL https://pypi.python.org/simple/linkchecker/: connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)
Will skip URL https://pypi.python.org/simple/linkchecker/ when looking for download links for linkchecker
Getting page https://pypi.python.org/simple/
Could not fetch URL https://pypi.python.org/simple/: connection error: HTTPSConnectionPool(host='pypi.python.org', port=443): Max retries exceeded with url: /simple/ (Caused by <class 'http.client.CannotSendRequest'>: Request-sent)
Will skip URL https://pypi.python.org/simple/ when looking for download links for linkchecker
Cannot fetch index base URL https://pypi.python.org/simple/
URLs to search for versions for linkchecker:
* https://pypi.python.org/simple/linkchecker/
Getting page https://pypi.python.org/simple/linkchecker/
Could not fetch URL https://pypi.python.org/simple/linkchecker/: connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)
Will skip URL https://pypi.python.org/simple/linkchecker/ when looking for download links for linkchecker
Could not find any downloads that satisfy the requirement linkchecker
Cleaning up...
Removing temporary dir C:\Users\jcook\AppData\Local\Temp\pip_build_jcook...
No distributions at all found for linkchecker
Exception information:
Traceback (most recent call last):
File "C:\Python34\lib\site-packages\pip\basecommand.py", line 122, in main
status = self.run(options, args)
File "C:\Python34\lib\site-packages\pip\commands\install.py", line 278, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "C:\Python34\lib\site-packages\pip\req.py", line 1177, in prepare_files
url = finder.find_requirement(req_to_install, upgrade=self.upgrade)
File "C:\Python34\lib\site-packages\pip\index.py", line 277, in find_requirement
raise DistributionNotFound('No distributions at all found for %s' % req)
pip.exceptions.DistributionNotFound: No distributions at all found for linkchecker
Python Solutions
Solution 1 - Python
pip install gensim config --global http.sslVerify false
Just install any package with the "config --global http.sslVerify false" statement
You can ignore SSL errors by setting pypi.org
and files.pythonhosted.org
as well as the older pypi.python.org
as trusted hosts.
$ pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org <package_name>
Note: Sometime during April 2018, the Python Package Index was migrated from pypi.python.org
to pypi.org
. This means "trusted-host" commands using the old domain no longer work, but you can add both.
Permanent Fix
Since the release of pip 10.0, you should be able to fix this permanently just by upgrading pip
itself:
$ pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org pip setuptools
Or by just reinstalling it to get the latest version:
$ curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
(… and then running get-pip.py
with the relevant Python interpreter).
pip install <otherpackage>
should just work after this. If not, then you will need to do more, as explained below.
You may want to add the trusted hosts and proxy to your config file.
pip.ini
(Windows) or pip.conf
(unix)
[global]
trusted-host = pypi.python.org
pypi.org
files.pythonhosted.org
Alternate Solutions (Less secure)
Most of the answers could pose a security issue.
Two of the workarounds that help in installing most of the python packages with ease would be:
-
Using easy_install: if you are really lazy and don't want to waste much time, use
easy_install <package_name>
. Note that some packages won't be found or will give small errors. -
Using Wheel: download the Wheel of the python package and use the pip command
pip install wheel_package_name.whl
to install the package.
Solution 2 - Python
You can specify a cert with this param:
pip --cert /etc/ssl/certs/FOO_Root_CA.pem install linkchecker
See: Docs » Reference Guide » pip
If specifying your company's root cert doesn't work maybe the cURL one will work: http://curl.haxx.se/ca/cacert.pem
You must use a PEM file and not a CRT file. If you have a CRT file you will need to convert the file to PEM There are reports in the comments that this now works with a CRT file but I have not verified.
Also check: SSL Cert Verification.
Solution 3 - Python
For me the problem was fixed by creating a folder
pip
, with a file: pip.ini
in
C:\Users\<username>\AppData\Roaming\
e.g:
C:\Users\<username>\AppData\Roaming\pip\pip.ini
Inside it I wrote:
[global]
trusted-host = pypi.python.org
pypi.org
files.pythonhosted.org
I restarted python, and then pip permanently trusted these sites, and used them to download packages from.
If you can't find the AppData Folder on windows, write %appdata%
in file explorer and it should appear.
Solution 4 - Python
kenorb’s answer is very useful (and great!).
Among his solutions, maybe this is the most simple one:
--trusted-host
For example, in this case you can do
pip install --trusted-host pypi.python.org linkchecker
The pem file(or anything else) is unnecessary.
Solution 5 - Python
The answers are quite similar and a bit confusing. In my case, the certificates in my company's network was the issue. I was able to work around the problem using:
pip install --trusted-host files.pythonhosted.org --trusted-host pypi.org --trusted-host pypi.python.org oauthlib -vvv
As seen here. The -vvv argument can be omited if verbose output is not required
Solution 6 - Python
Permanent Fix
pip install --upgrade pip --trusted-host pypi.org --trusted-host files.pythonhosted.org
For eg:
pip install <package name> --trusted-host pypi.org --trusted-host files.pythonhosted.org
Solution 7 - Python
I tried majority of the solutions provided in this answer blog, however none of them worked, I had this ssl certificant error
as I try to install python packages.
I succeed by following command:
python -m pip install PACKAGENAME --trusted-host=pypi.python.org --trusted-host=pypi.org --trusted-host=files.pythonhosted.org
Solution 8 - Python
Netscope related SSL issue on Windows 10 with Python 3.9
I had ssl issues due to company network security related to netscope. My machine is windows 10 with python 3.9 and the following command worked for me.
pip config set global.trusted-host "pypi.org files.pythonhosted.org pypi.python.org" --trusted-host=pypi.python.org --trusted-host=pypi.org --trusted-host=files.pythonhosted.org
Here, pip permanently trusted these sites, and now we can use them to download any packages.
Solution 9 - Python
The most straightforward way I've found, is to download and use the "DigiCert High Assurance EV Root CA" from DigiCert at https://www.digicert.com/digicert-root-certificates.htm#roots
You can visit https://pypi.python.org/ to verify the cert issuer by clicking on the lock icon in the address bar, or increase your geek cred by using openssl:
$ openssl s_client -connect pypi.python.org:443
CONNECTED(00000003)
depth=1 /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/businessCategory=Private Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/serialNumber=3359300/street=16 Allen Rd/postalCode=03894-4801/C=US/ST=NH/L=Wolfeboro,/O=Python Software Foundation/CN=www.python.org
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
The last CN value in the certificate chain is the name of the CA that you need to download.
For a one-off effort, do the following:
- Download the CRT from DigiCert
- Convert the CRT to PEM format
- Export the PIP_CERT environment variable to the path of the PEM file
(the last line assumes you are using the bash shell) before running pip.
curl -sO http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt
openssl x509 -inform DES -in DigiCertHighAssuranceEVRootCA.crt -out DigiCertHighAssuranceEVRootCA.pem -text
export PIP_CERT=`pwd`/DigiCertHighAssuranceEVRootCA.pem
To make this re-usable, put DigiCertHighAssuranceEVRootCA.crt somewhere common and export PIP_CERT accordingly in your ~/.bashrc.
Solution 10 - Python
You've the following possibilities to solve issue with CERTIFICATE_VERIFY_FAILED
:
-
Use HTTP instead of HTTPS (e.g.
--index-url=http://pypi.python.org/simple/
). -
Use
--cert <trusted.pem>
orCA_BUNDLE
variable to specify alternative CA bundle.E.g. you can go to failing URL from web-browser and import root certificate into your system.
-
Run
python -c "import ssl; print(ssl.get_default_verify_paths())"
to check the current one (validate if exists). -
OpenSSL has a pair of environments (
SSL_CERT_DIR
,SSL_CERT_FILE
) which can be used to specify different certificate databasePEP-476. -
Use
--trusted-host <hostname>
to mark the host as trusted. -
In Python use
verify=False
forrequests.get
(see: SSL Cert Verification). -
Use
--proxy <proxy>
to avoid certificate checks.
Read more at: TLS/SSL wrapper for socket objects - Verifying certificates.
Solution 11 - Python
To solve this problem once and for all, you can verify that you have a pip.conf
file.
This is where your pip.conf
should be, according to the documentation:
> On Unix the default configuration file is: $HOME/.config/pip/pip.conf
which respects the XDG_CONFIG_HOME environment variable.
>
> On macOS the configuration file is $HOME/Library/Application Support/pip/pip.conf
if directory $HOME/Library/Application Support/pip
exists else $HOME/.config/pip/pip.conf
>
> On Windows the configuration file is %APPDATA%\pip\pip.ini
.
Inside a virtualenv:
> On Unix and macOS the file is $VIRTUAL_ENV/pip.conf
>
> On Windows the file is: %VIRTUAL_ENV%\pip.ini
Your pip.conf
should look like:
[global]
trusted-host = pypi.python.org
pip install linkchecker
installed linkchecker
without complains after I created the pip.conf
file.
Solution 12 - Python
Set Time and Date correct!
For me, it came out that my date and time was misconfigured on Raspberry Pi. The result was that all SSL and HTTPS connections failed, using the https://files.pythonhosted.org/ server.
Update it like this:
sudo date -s "Wed Thu 23 11:12:00 GMT+1 2018"
sudo dpkg-reconfigure tzdata
Or directly with e.g. Google's time:
Ref.: https://superuser.com/a/635024/935136
sudo date -s "$(curl -s --head http://google.com | grep ^Date: | sed 's/Date: //g')"
sudo dpkg-reconfigure tzdata
Solution 13 - Python
I recently ran into this problem because of my company's web content filter that uses its own Certificate Authority so that it can filter SSL traffic. PIP doesn't seem to be using the system's CA certificates in my case, producing the error you mention. Downgrading PIP to version 1.2.1 presented its own set of problems later on, so I went back to the original version that came with Python 3.4.
My workaround is quite simple: use easy_install
. Either it doesn't check the certs (like the old PIP version), or it knows to use the system certs because it works every time for me and I can still use PIP to uninstall packages installed with easy_install.
If that doesn't work and you can get access to a network or computer that doesn't have the issue, you could always setup your own personal PyPI server: https://stackoverflow.com/questions/18052217/how-to-create-local-own-pypi-repository-index-without-mirror
I almost did that until I tried using easy_install
as a last ditch effort.
Solution 14 - Python
You can try to bypass the SSL error by using http instead of https. Of course this is not optimal in terms of security, but if you are in a hurry it should do the trick:
pip install --index-url=http://pypi.python.org/simple/ linkchecker
Solution 15 - Python
TLDR:
pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org -r requirements.txt -vvv
pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org <packageName> -vvv
So, Having 30+ answers to the question already, but nothing was working for me in June 2020 (while in lockdown ).
all were given in different moments of past. I will try to make this answer work for all times in future.
The problem is while pip installs package it tries to connect with host URL where package is stored and doesn't trust the URL while downloading it.
There are two ways we can solve this: Easy and non-secure:
-
check which URL is hit by pip to download the package.
pip install
-vvv
if you will carefully check the output, you will see it might be going to some URL like pypi.org or may be pypi.python.org.
if it is, just add trusted host option to the command like below:
pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org <packageName> -vvv
or if you are using requirements file:
pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org -r requirements.txt -vvv
Secure way:
Go to each of these URL and download their public cert (just google how to download), create a chain, store it as .pem file and run below command:
pip --cert YourPemFile.pem install <packageName>
Solution 16 - Python
I installed pip 1.2.1 with easy_install and upgraded to latest version of pip (6.0.7 at the time) which is able to install packages in my case.
easy_install pip==1.2.1
pip install --upgrade pip
Solution 17 - Python
You have 4 options:
Using a certificate as parameter
$ pip install --cert /path/to/mycertificate.crt linkchecker
pip.conf
Using a certificate in a Create this file:
$HOME/.pip/pip.conf (Linux)
%HOME%\pip\pip.ini (Windows)
and add these lines:
[global]
cert = /path/to/mycertificate.crt
Ignoring certificate and using HTTP
$ pip install --trusted-host pypi.python.org linkchecker
Ignoring certificate and using HTTP in a pip.conf
Create this file:
$HOME/.pip/pip.conf (Linux)
%HOME%\pip\pip.ini (Windows)
and add these lines:
[global]
trusted-host = pypi.python.org
Source
Solution 18 - Python
The answers to use
pip install --trusted-host pypi.python.org <package>
work. But you'll have to check if there are redirects or caches pip
is hitting. On Windows 7 with pip 9.0.1
, I had to run
pip install \
--trusted-host pypi.python.org \
--trusted-host pypi.org \
--trusted-host files.pythonhosted.org \
<package>
You can find these with the verbose flag.
Solution 19 - Python
First of all,
pip install --trusted-host pypi.python.org <package name>
did not work for me. I kept getting the CERTIFICATE_VERIFY_FAILED error. However, I noticed in the error messages that they referenced the 'pypi.org' site. So, I used this as the trusted host name instead of pypi.python.org. That almost got me there; the load was still failing with CERTIFICATE_VERIFY_FAILED, but at a later point. Finding the reference to the website that was failing, I included it as a trusted host. What eventually worked for me was:
pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org <package name>
Solution 20 - Python
Had the same problem trying pip install ftputil
with ActivePython 2.7.8, ActivePython 3.4.1, and "stock" Python 3.4.2 on 64-bit Windows 7 Enterprise. All attempts failed with the same errors as OP.
Worked around the problem for Python 3.4.2 by downgrading to pip 1.2.1: easy_install pip==1.2.1
(see https://stackoverflow.com/a/16370731/234235). Same fix also worked for ActivePython 2.7.8.
The bug, reported in March 2013, is still open: https://github.com/pypa/pip/issues/829.
Solution 21 - Python
Don't Skip! Found Safe Solution for Linux
All the solutions of adding pypi.org
to trusted sites with --trusted-host
is not safe, basically skipping https, not really fixing the problem.
Everyone which uses this approach, please try to update your cert this way and remove --trusted-host
flag:
sudo yum -y update ca-certificates
export PIP_CERT=/etc/ssl/certs/ca-bundle.crt
Safety Matters!
Solution 22 - Python
I attempted with using the corporate proxy but it failed.
I'm using Python 3.6
.
pip.conf
file was missing.
Here are the steps to solve the issue:
-
Install certificate package:
-pip --trusted-host pypi.python.org --trusted-host files.pythonhosted.org --trusted-host pypi.org install certifi
-
Create a
pip.conf
file, as so:
$ cd ~/.config
$ mkdir pip
$ cd pip
$ nano pip.conf
Add the following to the newly created .conf
file, and save it.
[global]
trusted-host = pypi.python.org files.pythonhosted.org pypi.org pypi.io
All done and it started working.
Solution 23 - Python
Nothing on this page worked for me until I used the --verbose option to see that it wanted to get to files.pythonhosted.org rather than pypi.python.org:
pip install --trusted-host files.pythonhosted.org <package_name>
So check the URL that it's actually failing on via the --verbose option.
Solution 24 - Python
I'm not sure if this is related, but I had a similar problem which was fixed by copying these files from Anaconda3/Library/bin to Anaconda3/DLLs :
libcrypto-1_1-x64.dll
libssl-1_1-x64.dll
Solution 25 - Python
Short Solution:
easy_install <package name>
For Example:
easy_install pandas
Alternate solution:
pip install <package_name> --trusted-host pypi.org --trusted-host files.pythonhosted.org
Example:
pip install pandas --trusted-host pypi.org --trusted-host files.pythonhosted.org
Solution 26 - Python
Recently I faced the same issue in python 3.6 with visual studio 2015. After spending 2 days, I got the solution and its working fine for me.
I got below error while try to install numpy using pip or from visual studio Collecting numpy Could not fetch URL https://pypi.python.org/simple/numpy/: There was a problem confirming the ssl certificate: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:748) - skipping Could not find a version that satisfies the requirement numpy (from versions: ) No matching distribution found for numpy
Resolution :
For Windows OS
- open -> "%appdata%" Create "pip" folder if not exists.
- In pip folder create "pip.ini" file.
- Edit file and write
[global]
trusted-host = pypi.python.org Save and Close the file. Now install using pip/visual studio it works fine.
Solution 27 - Python
One solution (for Windows) is to create a file called pip.ini
on the %AppData%\pip\
folder (create the folder if it doesn't exist) and insert the following details:
[global]
cert = C:/certs/python_root.pem
proxy = http://my_user@my_company.com:my_password@proxy_ip:proxy_port
...and then we can execute the install instruction:
pip3 install PyQt5
Another option is to install the package using arguments for the proxy and certificate...
$ pip3 install --proxy http://my_user@my_company.com:my_password@proxy_ip:proxy_port \
--cert C:/certs/python_root.pem PyQt5
To convert the certificate *.cer
files to the required *.pem
format execute the following instruction:
$ openssl x509 -inform der -in python_root.cer -out python_root.pem
Hope this helps someone!
Solution 28 - Python
Just putting this here as I don't see any other mentioning it.
You can set globally trusted-host to pip like this:
py -m pip config set global.trusted-host pypi.org
and most importantly, it will return the right place where the pip.ini/pip.conf is put
Solution 29 - Python
I solved this problem by removing my pip and installing the older version of pip: https://pypi.python.org/pypi/pip/1.2.1
Solution 30 - Python
You can try this to ignore "https":
pip install --index-url=http://pypi.python.org/simple/ --trusted-host pypi.python.org [your package..]
Solution 31 - Python
In my case it was due to SSL certificate being signed by internal CA of my company. Using workarounds like pip --cert
did not help, but the following package did:
pip install pip_system_certs
See: https://pypi.org/project/pip-system-certs/
> This package patches pip and requests at runtime to use certificates from the default system store (rather than the bundled certs ca). > > This will allow pip to verify tls/ssl connections to servers who’s cert is trusted by your system install.
Solution 32 - Python
I faced a similar issue. The solution that worked for me
- uninstall python 2.7
- delete python27 folder
- reinstall the latest python
Solution 33 - Python
If you are using Anaconda and facing this issue only when running pip within an environment, you might need to reinstall python.
Run conda install python
within the desired environment.
Solution 34 - Python
running pip install certifi
before installing any other package solved my problem
Solution 35 - Python
Despite there being >40 answers, AFAIK none of them completely solved the issue for me.
I'm on macOS Catalina 10.15.5, behind a corporate proxy.
When attempting to install or upgrade a package, I was given the following error
>>> pip install <package name>
Looking in indexes: https://pypi.org/simple, https://data:****@pypi.<company>.com/simple/
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108)'))': <package name>
WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108)'))': <package name>
@Steve_Tauber's answer pip --cert /etc/ssl/certs/FOO_Root_CA.pem install linkchecker
got me part of the way there.
I was able to use the existing cert file to successfully install packages, as so:
pip install --cert /Users/me/opt/anaconda3/ssl/cert.pem --upgrade pip
But I didn't want to have to use the cert flag every time I wanted to use pip...
The answer is to update environment variables:
CERT_PATH=/Users/me/opt/anaconda3/ssl/cert.pem
export SSL_CERT_FILE=${CERT_PATH}
export REQUESTS_CA_BUNDLE=${CERT_PATH}
And now I can install without issues.
Solution 36 - Python
for me this is because previously I'm running script which set proxy (to fiddler), reopening console or reboot fix the problem.
Solution 37 - Python
In my case, I was running Python in the minimal alpine docker image. It was missing root CA certificates. Fix:
apk update && apk add ca-certificates
Solution 38 - Python
As of now when pip has upgraded to 10 and now they have changed their path from pypi.python.org to files.pythonhosted.org Please update the command to pip --trusted-host files.pythonhosted.org install python_package
Solution 39 - Python
Vaulstein answer helped me.
I did not find the pip.ini file anywhere on my pc. So did the following.
- Went to the the AppData folder. You can get the appdata folder by opening up the command prompt and type echo %AppData%
Or simply type %AppData% in windows explorer.
-
Create a folder called pip inside of that appdata folder.
-
In that pip folder that you just created, create a simple textfile called pip.ini
-
Past the following config settings in that file using a simple editor of your choice.
pip.ini file:
[list]
format=columns
[global]
trusted-host = pypi.python.org pypi.org
You should now be good to go.
Solution 40 - Python
Alternatively, if nothing works (as was my case) you can revert to searching and downloading a whl file here:
https://pypi.org/project/fileDownloader.py/
Before installing it via pip using the downloaded file which won't require any certificate anymore:
python3.7 -m pip install Myfile.whl
Solution 41 - Python
I have this problem with pip 21.0.1
and none of the answers worked for me. Some people solved the problem by downgrading the pip version.
If in 2021 you still have this problem, I did downgrade to pip 20.2.4
and now it works.
Solution 42 - Python
For me none of the suggested methods worked - using cert, HTTP, trusted-host.
In my case switching to a different version of the package worked (paho-mqtt 1.3.1 instead of paho-mqtt 1.3.0 in this instance).
Looks like problem was specific to that package version.
Solution 43 - Python
You may have this problem if some certificates are missing in your system.eg on opensuse install ca-certificates-mozilla
Solution 44 - Python
Short answer
If running into this at home on a corporate machine, try again at work.
Details
I ran into this over the weekend. Pip and conda both broken, unable to install or update. SO was helpful, but many answers were problematic on a corporate machine - the solutions require the ability to pip install (already does not work) or require downloading an installer (the ones I wanted to download were prohibited by firewall settings).
What worked for me was to try again when I was on prem. This worked. It turned out the corporate firewall settings were different when using the machine at home vs at work.
Solution 45 - Python
This is what worked for me:
$ sudo mv /etc/ssl/cert.pem /etc/ssl/cert.pem.BAK
In my situation, I was getting the same error for pip installs and a similar one when trying to run aws CLI commands. Everything was working one week, then not the next. AFAIK, I didn't install anything that would have broken SSL.
I'm on MacOS Big Sur and tried various versions of Python 3.x, installed via both pyenv and Brew. I tried all of the relevant solutions listed in this thread. I even re-installed the OS, but no dice.
Solution 46 - Python
Set your proxy in connections and then run:
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py --proxy proxy:80
Solution 47 - Python
fixed my issue on OSX by running the following in the terminal:
open "/Applications/Python 3.9/Install Certificates.command"
Solution 48 - Python
If you have compiles the Python, then do the following thing to get SSL enabled in the Python.
wget --no-check-certificate https://www.python.org/ftp/python/3.9.10/Python-3.9.10.tgz
tar -zxf Python-3.9.10.tgz
cd Python-3.9.10
mkdir /home/$USER/tools
export INSTALL_BASE_PATH=/home/$USER/tools
mkdir -p {INSTALL_BASE_PATH}/ssl
vi ./Modules/Setup # Modify below lines in this file to these
> SSL={INSTALL_BASE_PATH}/ssl
> _ssl _ssl.c
> -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl
> -L$(SSL)/lib -lssl -lcrypto
./configure \
--prefix=${INSTALL_BASE_PATH} \
--enable-shared \
--enable-ipv6 \
LDFLAGS=-Wl,-rpath=${INSTALL_BASE_PATH}/lib,--disable-new-dtags
make
make install
Solution 49 - Python
For Python 3.10
Add/update file with content
[global]
trusted-host = pypi.python.org
pypi.org
files.pythonhosted.org
file location
-
MacOS - $HOME/Library/Application Support/pip/pip.conf
-
Unix - $HOME/.config/pip/pip.conf
-
Windows - %APPDATA%\pip\pip.ini
Solution 50 - Python
I tried every thing in this list! none did the trick. I realize my connection wasn't steady- so I plug the power of my modem for 1 minute solved my problem :)
Solution 51 - Python
If you've installed Python manually using make
you will have to follow this answer: https://stackoverflow.com/a/42798679/6403406 to get it working.
Solution 52 - Python
if you are using a virtual environment I would recommend using this solution,
pyenv install (wanted_python_version)