I'm struggling at the moment to get the requests library to perform a simple GET request to a site of mine with a Let's Encrypt certificate. All's well with the site and I can access it from Chrome just fine. (I'm running OSX El Capitan at the moment).
First I tried doing a GET request to the site:
>>> import requests >>> requests.get('https://example.com')This gives me:
requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)I then tried various things, including getting hold of the Let's Encrypt authority certificate , and the following openssl command verifies my site's certificate successfully:
> openssl s_client -CAfile ./letsencryptauthorityx1.pem -connect example.com:443The output of which included the following towards the bottom:
... SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: ... Session-ID-ctx: Master-Key: ... Key-Arg : None Start Time: 1452865123 Timeout : 300 (sec) Verify return code: 0 (ok) ---Perhaps I'm missing something here, but it looks to me as though my site's been verified according to the Let's Encrypt authority certificate I supplied. So, I happily changed my python code to:
>>> requests.get('https://example.com', verify='./letsencryptauthorityx1.pem')But I still keep getting the requests.exceptions.SSLError error. I've also tried using the DER format of the authority certificate, but then I get the following error from requests :
requests.exceptions.SSLError: unknown error (_ssl.c:2825)Can anybody perhaps educate me as to how to go about fixing this?