Welcome!
This is the community forum for my apps Pythonista and Editorial.
For individual support questions, you can also send an email. If you have a very short question or just want to say hello — I'm @olemoritz on Twitter.
Since IOS 15 requests always gives me an SSL Certificate Error.
-
Hi,
after updating to IOS 15 i get always a SSL: CERTIFICATE_VERIFY_FAILED error.
with requests.Session() as s:
r= s.get('https://URL)Only adding verify=False helps. Can someone tell me how to add the certificate?
Thanks a lot.
BG kami
-
Same SSL certificate errors here using “requests()”.
Have not tried “verify=false” yet… but even if it works, that is NOT a solution!
Please update (your great tool!!!) Pythonista to work with the (changed location/API?) trusted certificates/CAs!
Thanks, Frank.
-
Can you open stash, and run
pip install certifithen force quit pythonista, and try again.
-
"pip install certifi" from within stash worked!
Seems that it allows "requests" to find the right collection of trusted CAs again - no more need for "verify=False".
JonB thanks for the suggestion!
Although... pythonista should still be updated for this though... please...
Regards, Frank.
-
This worked for my http calls using the requests library
However, I have an asynchronous program making requests with the aiohttp library. These still throw the SSL Certificate errors...
Cannot connect to host ****** ssl:default [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)]
I'm not sure it has to do with iOS 15... my phone isn't upgraded yet and it's throwing the same errors. Most likely to do with this: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
>>> aiohttp.__version__ '3.7.4.post0' >>> requests.__version__ '2.26.0' >>> certifi.__version__ '2021.05.30'
-
Aiohttp uses the default device cacert. Which might be old (this might be the hard coded one that came with pythonista, I forget if it uses actual device cacerts)
Aiohttp can be set to a different ssl context -- session.get() takes an ssl argument.
context = ssl.create_default_context(cafile=certifi.where()) ... session = aiohttp.ClientSession() session.get(url, ssl=context)
I think you can also pass ssl_context to a TCPConnector, so it gets used to all requests:
conn = aiohttp.TCPConnector(ssl_context=ssl_context) session = aiohttp.ClientSession(connector=conn)
-
Thanks @JonB , worked a total charm!
-
@JonB
It also worked for geocode nominatim query. Thanks 🙏