我使用
安装了python 3.6 brew install python3
并尝试从https下载six.moves.urllib.request.urlretrieve
的文件,但会引发错误
ssl.SSLError:[SSL:CERTIFICATE_VERIFY_FAILED]证书验证失败(_ssl.c:749)
在Python安装中(来自.pkg),README表示在安装to之后需要运行Install Certificates.command
certifi
certify
路径能够使用证书。
但是,在brew安装中,此文件不存在,似乎无法运行。
答案 0 :(得分:17)
似乎由于某种原因,Brew没有运行Mac3的Python3包中的Install Certificates.command
。此问题的解决方案是在Install Certificates.command
之后运行以下脚本(从brew install python3
复制):
# install_certifi.py
#
# sample script to install or update a set of default Root Certificates
# for the ssl module. Uses the certificates provided by the certifi package:
# https://pypi.python.org/pypi/certifi
import os
import os.path
import ssl
import stat
import subprocess
import sys
STAT_0o775 = ( stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR
| stat.S_IRGRP | stat.S_IWGRP | stat.S_IXGRP
| stat.S_IROTH | stat.S_IXOTH )
def main():
openssl_dir, openssl_cafile = os.path.split(
ssl.get_default_verify_paths().openssl_cafile)
print(" -- pip install --upgrade certifi")
subprocess.check_call([sys.executable,
"-E", "-s", "-m", "pip", "install", "--upgrade", "certifi"])
import certifi
# change working directory to the default SSL directory
os.chdir(openssl_dir)
relpath_to_certifi_cafile = os.path.relpath(certifi.where())
print(" -- removing any existing file or link")
try:
os.remove(openssl_cafile)
except FileNotFoundError:
pass
print(" -- creating symlink to certifi certificate bundle")
os.symlink(relpath_to_certifi_cafile, openssl_cafile)
print(" -- setting permissions")
os.chmod(openssl_cafile, STAT_0o775)
print(" -- update complete")
if __name__ == '__main__':
main()
答案 1 :(得分:9)
python -c 'import ssl; print(ssl.get_default_verify_paths().openssl_cafile)'
/Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions/3.7/etc/ssl/cert.pem
sudo mkdir -p /Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions/3.7/etc/ssl/certs
certifi
的ca文件python -c 'import certifi; print(certifi.where())'
'/ usr / local / lib / python3.7 / site-packages / certifi / cacert.pem'
sudo cp /usr/local/lib/python3.7/site-packages/certifi/cacert.pem
/Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions/3.7/etc/ssl/certs/cert.pem
答案 2 :(得分:5)
我的Mac OS X解决方案:
1)使用从官方Python语言网站https://www.python.org/downloads/下载的本机应用程序Python安装程序升级到Python 3.6.5
我发现这个安装程序比自制软件更好地更新新Python的链接和符号链接。
2)使用" ./安装Certificates.command"安装新证书。它位于刷新的Python 3.6目录中
cd" / Applications / Python 3.6 /" sudo" ./安装Certificates.command"
答案 3 :(得分:4)
对于临时操作,以下操作将禁用ssl检查,
import ssl
ssl._create_default_https_context = ssl._create_unverified_context