Use the somewhat hidden securityfeature:

使用有点隐藏的安全功能：

pip install requests[security]or pip install pyOpenSSL ndg-httpsclient pyasn1

pip install requests[security]或者 pip install pyOpenSSL ndg-httpsclient pyasn1

Both commands install following extra packages:

这两个命令都安装以下额外的包：

• pyOpenSSL
• cryptography
• idna

• 开放式SSL
• 密码学
• 伊德娜

Please note that this is not required for python-2.7.9+.

请注意，这不是python-2.7.9+ 所必需的。

If pip installfails with errors, check whether you have required development packages for libffi, libssland pythoninstalled in your system using distribution's package manager:

如果pip install失败并出现错误，请使用发行版的包管理器检查您是否有需要的开发包libffi，libssl并python安装在您的系统中：

• Debian/Ubuntu- python-devlibffi-devlibssl-devpackages.

• Fedora- openssl-develpython-devellibffi-develpackages.

• Debian/ Ubuntu-python-devlibffi-devlibssl-dev包。

• Fedora-openssl-develpython-devellibffi-devel包。

Distro list above is incomplete.

上面的发行版列表不完整。

Workaround(see the original answer by @TomDotTom):

解决方法（请参阅@TomDotTom 的原始答案）：

In case you cannot install some of the required development packages, there's also an option to disable that warning:

如果您无法安装某些必需的开发包，还有一个选项可以禁用该警告：

import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()

If your pipitself is affected by InsecurePlatformWarningand cannot install anything from PyPI, it can be fixed with this step-by-step guideto deploy extra python packages manually.

如果您pip自己受到InsecurePlatformWarningPyPI 的影响并且无法从 PyPI 安装任何东西，则可以使用此分步指南手动部署额外的 python 包来修复它。

If you are not able to upgradeyour Python version to 2.7.9, and want to suppress warnings,

如果您无法将 Python 版本升级到 2.7.9，并且想要取消警告，

you can downgrade your 'requests'version to 2.5.3:

您可以将“请求”版本降级到 2.5.3：

sudo pip install requests==2.5.3

About version: http://fossies.org/diffs/requests/2.5.3_vs_2.6.0/requests/packages/urllib3/util/ssl_.py-diff.html

关于版本：http: //fossies.org/diffs/requests/2.5.3_vs_2.6.0/requests/packages/urllib3/util/ssl_.py-diff.html

Requests 2.6 introduced this warning for users of python prior to 2.7.9 with only stock SSL modules available.

请求 2.6 为 2.7.9 之前的 python 用户引入了此警告，只有可用的库存 SSL 模块。

Assuming you can't upgrade to a newer version of python, this will install more up-to-date python SSL libraries:

假设您无法升级到更新版本的 python，这将安装更多最新的 python SSL 库：

pip install --upgrade ndg-httpsclient 

HOWEVER, this may fail on some systems without the build-dependencies for pyOpenSSL. On debian systems, running this before the pip command above should be enough for pyOpenSSL to build:

但是，这在某些没有 pyOpenSSL 的构建依赖项的系统上可能会失败。在 debian 系统上，在上面的 pip 命令之前运行它应该足以构建 pyOpenSSL：

apt-get install python-dev libffi-dev libssl-dev

In fact, you can try this.

事实上，你可以试试这个。

requests.post("https://www.google.com", verify=False)

requests.post("https://www.google.com", verify=False)

you can read the code for requests.

您可以阅读请求的代码。

"C:\Python27\Lib\site-packages\requests\sessions.py"

"C:\Python27\Lib\site-packages\requests\sessions.py"

class Session(SessionRedirectMixin):
......
 def request(self, method, url,
    params=None,
    data=None,
    headers=None,
    cookies=None,
    files=None,
    auth=None,
    timeout=None,
    allow_redirects=True,
    proxies=None,
    hooks=None,
    stream=None,
    verify=None,  # <========
    cert=None):
    """
    ...
    :param verify: (optional) if True, the SSL cert will be verified.
         A CA_BUNDLE path can also be provided.
    ...
    """

I don't use this in production, just some test runners. And to reiterate the urllib3 documentation

我不在生产中使用它，只是一些测试运行器。并重申urllib3 文档

If you know what you are doing and would like to disable this and other warnings

如果您知道自己在做什么并想禁用此​​警告和其他警告

import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()

Edit / Update:

编辑/更新：

The following should also work:

以下内容也应该有效：

import logging
import requests

# turn down requests log verbosity
logging.getLogger('requests').setLevel(logging.CRITICAL)

This answer is unrelated, but if you wanted to get rid of warningand get following warning from requests:

这个答案是无关的，但是如果您想摆脱警告并从请求中获得以下警告：

InsecurePlatformWarning /usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:79: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.

InsecurePlatformWarning /usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:79: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.

You can disableit by adding the following line to your python code:

您可以通过将以下行添加到您的 python 代码来禁用它：

requests.packages.urllib3.disable_warnings()

requests.packages.urllib3.disable_warnings()

For me no work i need upgrade pip....

对我来说没有工作，我需要升级 pip ....

Debian/Ubuntu

Debian/Ubuntu

install dependencies

安装依赖

sudo apt-get install libpython-dev libssl-dev libffi-dev

upgrade pip and install packages

升级 pip 并安装软件包

sudo pip install -U pip
sudo pip install -U pyopenssl ndg-httpsclient pyasn1

If you want remove dependencies

如果要删除依赖项

sudo apt-get remove --purge libpython-dev libssl-dev libffi-dev
sudo apt-get autoremove

I just had a similar issue on a CentOS 5 server where I installed python 2.7.12 in /usr/local on top of a much older version of python2.7. Upgrading to CentOS 6 or 7 isn't an option on this server right now.

我刚刚在 CentOS 5 服务器上遇到了类似的问题，我在较旧版本的 python2.7 之上的 /usr/local 中安装了 python 2.7.12。升级到 CentOS 6 或 7 目前在这台服务器上不是一个选项。

Some of the python 2.7 modules were still existing from the older version of python, but pip was failing to upgrade because the newer cryptography package is not supported by the CentOS 5 packages.

一些 python 2.7 模块仍然存在于旧版本的 python，但 pip 升级失败，因为 CentOS 5 包不支持较新的加密包。

Specifically, 'pip install requests[security]' was failing because the openssl version on the CentOS 5 was 0.9.8e which is no longer supported by cryptography > 1.4.0.

具体来说，'pip install requests[security]' 失败是因为 CentOS 5 上的 openssl 版本是 0.9.8e，密码学> 1.4.0 不再支持该版本。

To solve the OPs original issue I did:

为了解决 OP 的原始问题，我做了：

1) pip install 'cryptography<1.3.5,>1.3.0'.  

This installed cryptography 1.3.4 which works with openssl-0.9.8e. cryptograpy 1.3.4 is also sufficient to satisfy the requirement for the following command.

这安装了与 openssl-0.9.8e 一起使用的密码学 1.3.4。cryptograpy 1.3.4 也足以满足以下命令的要求。

2) pip install 'requests[security]'

This command now installs because it doesn't try to install cryptography > 1.4.0.

此命令现在会安装，因为它不会尝试安装密码学 > 1.4.0。

Note that on Centos 5 I also needed to:

请注意，在 Centos 5 上，我还需要：

yum install openssl-devel

To allow cryptography to build

允许建立密码学

All of the solutions given here haven't helped (I'm constrained to python 2.6.6). I've found the answer in a simple switch to pass to pip:

这里给出的所有解决方案都没有帮助（我仅限于 python 2.6.6）。我在传递给 pip 的简单开关中找到了答案：

$ sudo pip install --trusted-host pypi.python.org <module_name>

This tells pip that it's OK to grab the module from pypi.python.org.

这告诉 pip 可以从 pypi.python.org 获取模块。

For me, the issue is my company's proxy behind it's firewall that makes it look like a malicious client to some servers. Hooray security.

对我来说，问题是我公司在防火墙后面的代理使它看起来像某些服务器的恶意客户端。万岁安全。

Update: See @Alex 's answer for changes in the PyPi domains, and additional --trusted-hostoptions that can be added. (I'd copy/paste here, but his answer, so +1 him)

更新：有关PyPi 域中的更改以及可以添加的其他选项，请参阅@Alex的 回答--trusted-host。（我会在这里复制/粘贴，但他的回答，所以 +1 他）

I had to go to bash(from ZSH) first. Then

我必须先去bash（从 ZSH）。然后

sudo -H pip install 'requests[security]' --upgrade

fixed the problem.

解决了这个问题。