-
-
Notifications
You must be signed in to change notification settings - Fork 129
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Python unable to see CA certificates in Fedora/Rocky/Alma/RHEL systems #259
Comments
I ran into the exact same thing on Python 3.10 (3.8 worked fine) , and used monkey patching in the sitecustomize.py to enable urllib ssl globally per ChatGPT recommendation:
paste this import ssl
try:
import certifi
# Define a function that returns a default SSL context with certifi's CA bundle
def create_certifi_context(purpose=ssl.Purpose.SERVER_AUTH, *, cafile=None, capath=None, cadata=None):
return ssl.create_default_context(purpose, cafile=certifi.where(), capath=capath, cadata=cadata)
# Set the default SSL context creation function to use certifi's CA bundle
ssl._create_default_https_context = create_certifi_context
except:
print('certifi package not installed') |
I also ran into this. Explicitly specifying the SSL certificate file seems to fix the issue: |
Is this a problem of the standalone builds? i.e., is this reproducible with a local build with |
Just built CPython 3.11.9 with pyenv and tested but this issue didn't happen. After some digging, I've found that RHEL-based distros store their root CA certificate bundle as |
Hi,
I think there is an issue when attempting to use this precompiled binaries on a rhel-based system.
I've read the quirks section, and I haven't seen a reference to this problem, that is why I'm raising an issue.
The reason we care about this funcionality is because we're trying to use this python + poetry to get "portable" dev environments accross a bunch of developers (using mise).
Issue description
The following code reproduces the problem on a rhel-based system:
Logs
But the same python program,
urlopen
works just fine on a debian-based system.Logs
Other things I've tried
I've tried installing pip-system-certs and certifi, using the provided pip, but neither of them fixed the issue.
Thank you for reading this far, and let me know if there is something else I can do to help. I'm stuck and unable to fix this by myself (I think).
The text was updated successfully, but these errors were encountered: