pip install fails with "connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)"
I am very new to Python and trying to > pip install linkchecker on Windows 7. Some notes:
pip install is failing no matter the package. For example, > pip install scrapy also results in the SSL error.
Vanilla install of Python 3.4.1 included pip 1.5.6. The first thing I tried to do was install linkchecker. Python 2.7 was already installed, it came with ArcGIS. python and pip were not available from the command line until I installed 3.4.1.
> pip search linkchecker works. Perhaps that is because pip search does not verify the site's SSL certificate.
I am in a company network but we do not go through a proxy to reach the Internet.
Each company computer (including mine) has a Trusted Root Certificate Authority that is used for various reasons including enabling monitoring TLS traffic to https://google.com. Not sure if that has anything to do with it.
Here are the contents of my pip.log after running pip install linkchecker:
Downloading/unpacking linkchecker
Getting page https://pypi.python.org/simple/linkchecker/
Could not fetch URL https://pypi.python.org/simple/linkchecker/: connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)
Will skip URL https://pypi.python.org/simple/linkchecker/ when looking for download links for linkchecker
Getting page https://pypi.python.org/simple/
Could not fetch URL https://pypi.python.org/simple/: connection error: HTTPSConnectionPool(host='pypi.python.org', port=443): Max retries exceeded with url: /simple/ (Caused by <class 'http.client.CannotSendRequest'>: Request-sent)
Will skip URL https://pypi.python.org/simple/ when looking for download links for linkchecker
Cannot fetch index base URL https://pypi.python.org/simple/
URLs to search for versions for linkchecker:
* https://pypi.python.org/simple/linkchecker/
Getting page https://pypi.python.org/simple/linkchecker/
Could not fetch URL https://pypi.python.org/simple/linkchecker/: connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)
Will skip URL https://pypi.python.org/simple/linkchecker/ when looking for download links for linkchecker
Could not find any downloads that satisfy the requirement linkchecker
Cleaning up...
Removing temporary dir C:\Users\jcook\AppData\Local\Temp\pip_build_jcook...
No distributions at all found for linkchecker
Exception information:
Traceback (most recent call last):
File "C:\Python34\lib\site-packages\pip\basecommand.py", line 122, in main
status = self.run(options, args)
File "C:\Python34\lib\site-packages\pip\commands\install.py", line 278, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "C:\Python34\lib\site-packages\pip\req.py", line 1177, in prepare_files
url = finder.find_requirement(req_to_install, upgrade=self.upgrade)
File "C:\Python34\lib\site-packages\pip\index.py", line 277, in find_requirement
raise DistributionNotFound('No distributions at all found for %s' % req)
pip.exceptions.DistributionNotFound: No distributions at all found for linkchecker
For this error message in your own code (using urllib, urllib2, requests etc. to attempt a connection using SSL), see urllib and "SSL: CERTIFICATE_VERIFY_FAILED" Error .This solution is insecure and can lead to other issues like man-in-the-middle attacks. This was given as a solution where the issue is trying to access package repository behind corporate firewalls, and even then is unsafe. Please understand the security risks before considering this as a solution. use trusted-host in either pip.conf or command line argument You can ignore SSL errors by setting pypi.org and files.pythonhosted.org as well as the older pypi.python.org as trusted hosts. $ pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org <package_name> Note: Sometime during April 2018, the Python Package Index was migrated from pypi.python.org to pypi.org. This means "trusted-host" commands using the old domain no longer work, but you can add both. Permanent Fix Since the release of pip 10.0, you should be able to fix this permanently just by upgrading pip itself: $ pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org pip setuptools Or by just reinstalling it to get the latest version: $ curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py (… and then running get-pip.py with the relevant Python interpreter). pip install <otherpackage> should just work after this. If not, then you will need to do more, as explained below. You may want to add the trusted hosts and proxy to your config file. pip.ini (Windows) or pip.conf (unix) [global] trusted-host = pypi.python.org pypi.org files.pythonhosted.org Alternate Solutions (Less secure) All of these answers shared to this question have a security risk associated with them, whether it is to disable SSL verification, add trusted domain, use self signed certificates, etc. Use this solution only if you are behind a corporate firewall and you understand that the risk are handled. Two of the workarounds that help in installing most of the python packages with ease would be: Using easy_install: if you are really lazy and don't want to waste much time, use easy_install <package_name>. Note that some packages won't be found or will give small errors. Using Wheel: download the Wheel of the python package and use the pip command pip install wheel_package_name.whl to install the package.
Get this solution programmatically \u2014 free, no authentication.
curl https://depscope.dev/api/error/0e501f8479c4c017b27b52202c2ad526dd64aaf47c1f4e4162a8150e2cd3fb40