Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can I turn off Python (PiP) SSL cert validation with an ENV variable?

Tags:

python

python-3.x

pip

I have a really bad network that uses a MITM cert to snoop on everyone's convos. This means I need to turn it off, for example, in node I use export NODE_TLS_REJECT_UNAUTHORIZED="0".

Is there a similar way to do this in Python to get around this issue?

Pretend I am security deficient (which I am). In my example for node I just configure an environmental variable and be done. This has me using a pem file (which I have no idea where to get). I tried downloading the cert chain but couldn't get it to a pem file. Is there really no more straight forward way to accomplish this? Honestly the way the network is set up I don't think I can even import just one cert.

I tried using this...

pip3 install itsdangerous --proxy=http://proxy.me.com:80 --index-url=http://pypi.python.org/simple/

Getting page http://pypi.python.org/simple/
Could not fetch URL http://pypi.python.org/simple/: timed out
Will skip URL http://pypi.python.org/simple/ when looking for download links for itsdangerous
Cannot fetch index base URL http://pypi.python.org/simple/

Still confirming that this isn't a red herring thanks to our proxy.

Also I've tried adding HTTP_PROXY and HTTPS_PROXY instead of the command line option. Still get the following result...

  pip3 install itsdangerous --index-url=http://pypi.python.org/simple/
  ...
  Downloading/unpacking itsdangerous
  Getting page http://pypi.python.org/simple/itsdangerous/
  Could not fetch URL http://pypi.python.org/simple/itsdangerous/: connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)
  Will skip URL http://pypi.python.org/simple/itsdangerous/ when looking for download links for itsdangerous
  Getting page http://pypi.python.org/simple/
  Could not fetch URL http://pypi.python.org/simple/: connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)

Also might be important...

pip 1.5.4 from /usr/lib/python3/dist-packages (python 3.4)
like image 990
Jackie Avatar asked Jan 05 '16 15:01

Jackie

1 Answers

I have the exact same issue on my network. I did this to install pillow:

pip install Pillow --trusted-host pypi.python.org --index-url=http://pypi.python.org/simple/

...and it worked great for me. Hope it helps.

like image 139
Wes Grant Avatar answered Oct 26 '22 02:10

Wes Grant
Sign in to Comment

Related questions

AttributeError: 'NoneType' object has no attribute 'endswith'
subprocess's Popen closes stdout/stderr filedescriptors used in another thread when Popen errors
Decrypt using an RSA public key with PyCrypto
Creating a multithreaded server using SocketServer framework in python
How do I launch a file in its default program, and then close it when the script finishes?
Filling holes in objects that touch the border of an image
How to see exceptions in a Flask + gunicorn app?
Creating a large dictionary in pyspark
Pandas: Concatenate dataframe and keep duplicate indices
Divide total sum equally to higher sampled time periods when upsampling with pandas
pandas read_csv import gives mixed type for a column
How to docstring in python for multiple languages
Reloading packages (and their submodules) recursively in Python
Why does "None in numpy.asarray(...)" cause a future warning
numpy.savetxt() stop newline on final line
Autobahn sending user specific and broadcast messages from external application
How to catch `CParserError` when reading a CSV file
PYTHON DLL load failed
Using the absolute_sigma parameter in scipy.optimize.curve_fit
Haystack says “Model could not be found for SearchResult”

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!