How to get Python requests to trust a self signed SSL certificate

Question

import requests data     foo   bar   url    https   foo com bar  r   requests post url  data data    If the URL uses a self signed certificate  this fails with   requests exceptions SSLError   Errno 1   ssl c 507  error 14090086 SSL routines SSL3 GET SERVER CERTIFICATE certificate verify failed   I know that I can pass False to the verify parameter  like this   r   requests post url  data data  verify False    However  what I would like to do is point requests to a copy of the public key on disk and tell it to trust that certificate

User · Answer

You may try    settings   s merge environment settings prepped url  None  None  None  None    You can read more here  http   docs python-requests org en master user advanced

User · Answer

try   r   requests post url  data data  verify   path to public key pem

User · Answer

The easiest is to export the variable REQUESTS CA BUNDLE that points to your private certificate authority  or a specific certificate bundle   On the command line you can do that as follows   export REQUESTS CA BUNDLE  path to your certificate pem python script py   If you have your certificate authority and you don t want to type the export each time you can add the REQUESTS CA BUNDLE to your    bash profile as follows   echo  export REQUESTS CA BUNDLE  path to your certificate pem   gt  gt     bash profile   source    bash profile

User · Answer

With the verify parameter you can provide a custom certificate authority bundle  requests get url  verify path to bundle file    From the docs      You can pass verify the path to a CA BUNDLE file with certificates of   trusted CAs  This list of trusted CAs can also be specified through   the REQUESTS CA BUNDLE environment variable

User · Answer

Case where multiple certificates are needed was solved as follows  Concatenate the multiple root pem files  myCert-A-Root pem and myCert-B-Root pem  to a file  Then set the requests REQUESTS CA BUNDLE var to that file in my    bash profile     cp myCert-A-Root pem ca roots pem   cat myCert-B-Root pem  gt  gt  ca roots pem   echo  export REQUESTS CA BUNDLE   PATH TO CA CHAIN ca roots pem   gt  gt     bash profile   source    bash profile

User · Answer

Setting export SSL CERT FILE  path file crt should do the job

User · Answer

Incase anyone happens to land here  like I did  looking to add a CA  in my case Charles Proxy  for httplib2  it looks like you can append it to the cacerts txt file included with the python package   For example   cat   Desktop charles-ssl-proxying-certificate pem  gt  gt   usr local google-cloud-sdk lib third party httplib2 cacerts txt   The environment variables referenced in other solutions appear to be requests-specific and were not picked up by httplib2 in my testing

[python] How to get Python requests to trust a self signed SSL certificate?

Examples related to python

Examples related to ssl

Examples related to python-requests