Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Feedparser.parse() 'SSL: CERTIFICATE_VERIFY_FAILED'

I'm having this SSL issue with feedparser parsing an HTTPS RSS feed, I don't really know what to do as I can't find any documentation on this error when it comes to feedparser:

>>> import feedparser
>>> feed = feedparser.parse(rss)
>>> feed
{'feed': {}, 'bozo': 1, 'bozo_exception': URLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)'),), 'entries': []}
>>> feed["items"]
[]
>>> 
like image 829
regularjoe Avatar asked Feb 02 '15 16:02

regularjoe


2 Answers

Thanks you cmidi for the answer, which was to 'monkey patch' using ssl._create_default_https_context = ssl._create_unverified_context

import feedparser
import ssl
if hasattr(ssl, '_create_unverified_context'):
    ssl._create_default_https_context = ssl._create_unverified_context
feed = feedparser.parse(rss) #<<WORKS!!
like image 124
regularjoe Avatar answered Sep 23 '22 06:09

regularjoe


This is due to Python beginning to apply certificate verification by default for stdlib http clients.

A great explanation of the rationale of the change can be found in this Redhat article. There's also information regarding how to control and troubleshoot this new situation.

Both previous references explain how to avoid certificate verification in single connections (which is not a solution for feedparser users):

  • PEP-476 - Opting out
import ssl

# This restores the same behavior as before.
context = ssl._create_unverified_context()
urllib.urlopen("https://no-valid-cert", context=context)
  • RedHat - Modifying Python programs to control certificate verification

Currently, feedparser users can only avoid certificate verification by monkeypatching, which is highly discouraged as it affects the whole application.

The code to change the behavior application-wide would be as follows (code taken from PEP-476):

import ssl

try:
    _create_unverified_https_context = ssl._create_unverified_context
except AttributeError:
    # Legacy Python that doesn't verify HTTPS certificates by default
    pass
else:
    # Handle target environment that doesn't support HTTPS verification
    ssl._create_default_https_context = _create_unverified_https_context

There is an issue on the feedparser tracker about this: How to fix SSL: CERTIFICATE_VERIFY_FAILED?.

like image 21
davidag Avatar answered Sep 22 '22 06:09

davidag