I am trying to add a package to PyPi so I can install it with Pip. I am trying to add it using twine upload dist/*.
This causes me to get multiple SSL errors such as raise SSLError(e, request=request) requests.exceptions.SSLError: HTTPSConnectionPool(host='upload.pypi.org', port=443): Max retries exceeded with url: /legacy/ (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')])"))).
I am using a school laptop and I presume that this is something my administrator has done however I can install stuff with pip by using pip3 install --trusted-host pypi.org --trusted-h\ost files.pythonhosted.org.
I was wondering if there was another to add my package to pip?
My guess is your school has something in place where they are replacing the original cert with their own, you could maybe get around it using --cert and referencing the path for your schools cert, but I think an easier workaround is to copy the files to a non school computer and upload from there.
This could be a number of things, including an out-of-date version of twine, or (more likely) an out-of-date version of OpenSSL. Some possible solutions are listed here: https://github.com/pypa/twine/issues/273
Related
If I do this:
import requests
url = 'https://us-street.api.smartystreets.com/i/redacted/the/url/because/its/an/api/call/with/private/info'
r = requests.get(url)
I get this:
SSLError: HTTPSConnectionPool(host='us-street.api.smartystreets.com', port=443): Max retries exceeded with url: /i/redacted/the/url/because/its/an/api/call/with/private/info (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1131)')))
However, when I put the URL directly into my Chrome browser, I get a response.
The key here is that the request works through the browser, so it's probably something limited to Python. Some sleuthing leads us to the following:
https://stackoverflow.com/a/65860355/5478086
The difference between the above post and our case is that our request still works when verify=False, so the problem is not on the server's side, but on our side. And so, we try the above answer
pip install python-certifi-win32
Or on Anaconda
conda install -c conda-forge python-certifi-win32
(h/t to iambr from this post.)
And now we can successfully make and verify requests from the above domain.
for proper vulnerability scanning it's necessary that python3 speaks insecure HTTPS to avoid overlooking a vulnerable website just because openssl wouldn't talk to it because it was still using SSLv3 or 3DES. After all, those old servers mostly also have the vulnerable applications running on it ;) Compiling my own openssl with enable-weak-ciphers doesn't look like a good option because every user of the scanner also would have to do the same.
The OpenSSL 1.1.1 on my system wouldn't talk to these sites using python3 + requests:
10000-sans.badssl.com
3des.badssl.com
client.badssl.com
client-cert-missing.badssl.com
dh480.badssl.com
dh512.badssl.com
null.badssl.com
rc4.badssl.com
rc4-md5.badssl.com
subdomain.badssl.com
wrong.badssl.com
(I assume there's no way to get this done using requests and pyopenssl without recompiling openssl, so no need to post my code.)
Also this tip didn't work:
http://www.pybloggers.com/2017/02/configuring-tls-with-requests/
This throws this error: requests.exceptions.SSLError:
HTTPSConnectionPool(host='3des.badssl.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:852)'),))
Any ideas on how to get it done without recompiling openssl?
thx
2d4d
I am investigating if we can use IBM RTC API to create workitem, get workitem, etc using python scripting. I came across python library "rtcclient" which can achieve the required tasks however I am unable to use it since I get error as "SSLV3 Handshake Error" during the rtcclient call. I receive the same error even with requests.get function as well
requests.exceptions.SSLError: HTTPSConnectionPool(host='clm.demo.com', port=9443): Max retries exceeded with url: /jazz/authenticated/identity (Caused by SSLError(SSLError(1, u'[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:726)'),))
I am able to retrieve the same details via cURL command however python still throws error. Below are my version details
IBM RTC CLM: 6.0.2
Python: 3.7.6
Libraries installed : cryptography, httplib2, pyopenssl, rtcclient, requests
I am trying to create a new environment from Anaconda navigator and from conda prompt. I cannot install python libraries as well. I get below error:
CondaHTTPError: HTTP 000 CONNECTION FAILED for url https://repo.anaconda.com/pkgs/r/noarch/repodata.json.bz2Elapsed: -An HTTP error occurred when trying to retrieve this URL.HTTP errors are often intermittent, and a simple retry will get you on your way.If your current network has https://www.anaconda.com blocked, please filea support request with your network engineering team.SSLError(MaxRetryError('HTTPSConnectionPool(host=\'repo.anaconda.com\', port=443): Max retries exceeded with url: /pkgs/r/noarch/repodata.json.bz2 (Caused by SSLError(SSLError("bad handshake: Error([(\'SSL routines\', \'tls_process_server_certificate\', \'certificate verify failed\')])")))'))
I tried the solutions from the web, still no help
Try using a terminal and use the following command.
conda create -n testenv python=3.5
Let me know if you have any questions! The video below might help
https://youtu.be/pNqXHQUSEsc
up until yesterday i've been using Spyder on Anaconda to run code with no issues whatsoever. Today, while running one of my scripts that include quandl, i get an SSL error
"SSLError: HTTPSConnectionPool(host='www.quandl.com', port=443): Max
retries exceeded with url: /api/v3/datasets/WIKI/EIX/data?order=asc
(Caused by SSLError(SSLError("bad handshake: Error([('SSL routines',
'ssl3_get_server_certificate', 'certificate verify failed')],)",),))"
I then uninstalled my Anaconda and installed the most recent version, and am now getting an HTTP error
"CondaHTTPError: HTTP 000 CONNECTION FAILED for url
https://repo.anaconda.com/pkgs/r/win-64/repodata.json.bz2"
It seems that every request is being denied (including any other package i attempt to upgrade or install using pip or conda including pip and conda themselves), does someone have any clue as to what is happening? I could really use some help, i'm completely stumped and really need to get back to work.
Thank you in advance.