Python Windows 上的 Pip SSL 错误
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/49943410/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Pip SSL Error on Windows
提问by Alexander
I use Python 3.x on Windows 7 64 bit in an environment without full control of inbound/outbound traffic processing. Up till this week I've been able to use the --trusted-host pypi.python.orgflag with pip and everything worked. This week I have started getting the following error even with the --trusted-hostflag.
我在没有完全控制入站/出站流量处理的环境中在 Windows 7 64 位上使用 Python 3.x。直到本周,我已经能够在--trusted-host pypi.python.orgpip 中使用该标志,并且一切正常。本周,即使有--trusted-host标志,我也开始收到以下错误。
Could not fetch URL https://pypi.python.org/simple/pytubes/: There was a probl
em confirming the ssl certificate: [SSL: CERTIFICATE_VERIFY_FAILED] certificate
verify failed (_ssl.c:720) - skipping
I tried changing the --trusted-hostflag to https://files.pythonhosted.org/packages/in light of the pypi change this week, but that didn't seem to help.
鉴于本周 pypi 的变化,我尝试将--trusted-host标志https://files.pythonhosted.org/packages/更改为 ,但这似乎没有帮助。
I also tried downloading and installing the wheels of certifi, wincerstore and win32 certifi as well as other stackoverflow suggestions for this kind of issue such as the digistore .pem cert and pip.ini file without any success.
我还尝试下载和安装 certifi、wincerstore 和 win32 certifi 的轮子以及针对此类问题的其他 stackoverflow 建议,例如 digistore .pem cert 和 pip.ini 文件,但没有任何成功。
pip 安装失败并显示“连接错误:[SSL: CERTIFICATE_VERIFY_FAILED] 证书验证失败 (_ssl.c:598)”
Finally I tried upgrading pip to pip 10 from pip 9.0.3 following the instructions here: https://pip.pypa.io/en/stable/installing/
最后,我尝试按照此处的说明将 pip 从 pip 9.0.3 升级到 pip 10:https: //pip.pypa.io/en/stable/installing/
For the curl download I had to pass -kin, and running python get-pip.pyfails with a similar ssl error to pip:
对于 curl 下载,我必须传入-k,并且运行python get-pip.py失败并出现与 pip 类似的 ssl 错误:
Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)'),)': /simple/pip/
Could not fetch URL https://pypi.org/simple/pip/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pip/ (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)'),)) - skipping
Could not find a version that satisfies the requirement pip (from versions: )
No matching distribution found for pip
Could not fetch URL https://pypi.org/simple/pip/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pip/ (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)'),)) - skipping
Appreciate any suggestions for next steps since the .pem file, Python CA packages and --trusted-hostflag didn't do the trick
感谢对后续步骤的任何建议,因为 .pem 文件、Python CA 包和--trusted-host标志没有起到作用
Edit:
编辑:
New output with the -vvv flag in pip from an answer below.
来自以下答案的 pip 中带有 -vvv 标志的新输出。
> pip install pytubes -vvv
Config variable 'Py_DEBUG' is unset, Python ABI tag may be incorrect
Config variable 'WITH_PYMALLOC' is unset, Python ABI tag may be incorrect
Collecting pytubes
1 location(s) to search for versions of pytubes:
* https://pypi.python.org/simple/pytubes/
Getting page https://pypi.python.org/simple/pytubes/
Looking up "https://pypi.python.org/simple/pytubes/" in the cache
No cache entry available
Starting new HTTPS connection (1): pypi.python.org
Could not fetch URL https://pypi.python.org/simple/pytubes/: There was a probl
em confirming the ssl certificate: [SSL: CERTIFICATE_VERIFY_FAILED] certificate
verify failed (_ssl.c:749) - skipping
Could not find a version that satisfies the requirement pytubes (from versions
: )
Cleaning up...
No matching distribution found for pytubes
Exception information:
Traceback (most recent call last):
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\basecommand.py", line 215
, in main
status = self.run(options, args)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\commands\install.py", lin
e 335, in run
wb.build(autobuilding=True)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\wheel.py", line 749, in b
uild
self.requirement_set.prepare_files(self.finder)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\req\req_set.py", line 380
, in prepare_files
ignore_dependencies=self.ignore_dependencies))
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\req\req_set.py", line 554
, in _prepare_file
require_hashes
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\req\req_install.py", line
278, in populate_link
self.link = finder.find_requirement(self, upgrade)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\index.py", line 514, in f
ind_requirement
'No matching distribution found for %s' % req
pip.exceptions.DistributionNotFound: No matching distribution found for pytubes
Looking up "https://pypi.python.org/pypi/pip/json" in the cache
No cache entry available
Starting new HTTPS connection (1): pypi.python.org
There was an error checking the latest version of pip
Traceback (most recent call last):
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\packages
\urllib3\connectionpool.py", line 595, in urlopen
chunked=chunked)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\packages
\urllib3\connectionpool.py", line 352, in _make_request
self._validate_conn(conn)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\packages
\urllib3\connectionpool.py", line 831, in _validate_conn
conn.connect()
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\packages
\urllib3\connection.py", line 289, in connect
ssl_version=resolved_ssl_version)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\packages
\urllib3\util\ssl_.py", line 308, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "C:\ProgramData\Anaconda3\lib\ssl.py", line 401, in wrap_socket
_context=self, _session=session)
File "C:\ProgramData\Anaconda3\lib\ssl.py", line 808, in __init__
self.do_handshake()
File "C:\ProgramData\Anaconda3\lib\ssl.py", line 1061, in do_handshake
self._sslobj.do_handshake()
File "C:\ProgramData\Anaconda3\lib\ssl.py", line 683, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c
:749)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\adapters
.py", line 423, in send
timeout=timeout
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\packages
\urllib3\connectionpool.py", line 621, in urlopen
raise SSLError(e)
pip._vendor.requests.packages.urllib3.exceptions.SSLError: [SSL: CERTIFICATE_VER
IFY_FAILED] certificate verify failed (_ssl.c:749)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\utils\outdated.py", line
126, in pip_version_check
headers={"Accept": "application/json"},
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\sessions
.py", line 488, in get
return self.request('GET', url, **kwargs)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\download.py", line 386, i
n request
return super(PipSession, self).request(method, url, *args, **kwargs)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\sessions
.py", line 475, in request
resp = self.send(prep, **send_kwargs)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\sessions
.py", line 596, in send
r = adapter.send(request, **kwargs)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\cachecontrol\adap
ter.py", line 47, in send
resp = super(CacheControlAdapter, self).send(request, **kw)
File "C:\ProgramData\Anaconda3\lib\site-packages\pip\_vendor\requests\adapters
.py", line 497, in send
raise SSLError(e, request=request)
pip._vendor.requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certi
ficate verify failed (_ssl.c:749)
回答by Alexander
What ended up working for me is to add all the domains that are part of the new pypi routing.
最终对我有用的是添加所有属于新 pypi 路由的域。
pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org <package>
Which can also be setup in a pip.ini file.
也可以在 pip.ini 文件中设置。
回答by George Kettleborough
You're probably behind a nasty proxy server that does a man-in-the-middle attack to do deep packet inspection. You need to obtain the CA certificate file from your proxy admin in order to tell Python that everything is OK. You could also extract this from your web browser or anything else that is configured to work with the proxy.
您可能在一个讨厌的代理服务器后面,它会进行中间人攻击以进行深度数据包检查。您需要从代理管理员那里获取 CA 证书文件,以便告诉 Python 一切正常。您还可以从您的 Web 浏览器或任何其他配置为与代理一起使用的东西中提取它。
When you have obtained the certificate, you can either add it to the cacert.pem file of the certifi package, or tell pip about it directly with the --certoption, or global.certin the pip.conf file.
获得证书后,可以将其添加到certifi包的cacert.pem文件中,也可以直接用--cert选项告诉pip ,或者global.cert在pip.conf文件中。
回答by GiulioP
I have been having similar problems with pip since a few days ago. It looks like they have updated the security certificate for pypi.python.org, since it's valid from March 28th 2018, and it currently only supports TLS 1.2.
自几天前以来,我一直在使用 pip 遇到类似的问题。看起来他们已经更新了 pypi.python.org 的安全证书,因为它从 2018 年 3 月 28 日起有效,目前仅支持 TLS 1.2。
For information about the currently used certificate, see here.
有关当前使用的证书的信息,请参见此处。
EDIT:
编辑:
Possible duplicate of pip always fails ssl verification
pip 的可能重复项总是无法通过 ssl 验证
EDIT2:
编辑2:
@Alexander: Which version of Python 3.X are you using exactly? Make sure you have at least Python 3.1, just do python --version.
@Alexander:您使用的是哪个版本的 Python 3.X?确保你至少有 Python 3.1,只需执行python --version.
EDIT3:
编辑3:
I meant: 3.6.1.
我的意思是:3.6.1。
回答by Soohan Kim
I had the same proplem and I solved it during the installation of tensorflow. Here is the solution in steps:
我有同样的问题,我在 tensorflow 的安装过程中解决了它。这是分步骤的解决方案:
Access the file relevant to SSL. Find the folder in the install location, where
sessions.pyis located. (I guess it is in folder ~~~?pip?vender?requests)Open
sessions.pyand modifyself.verify = Truetoself.verify = FalseInstall using trusted host code as below
pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org <package name>
访问与 SSL 相关的文件。在安装位置找到文件夹,所在
sessions.py位置。(我猜它在文件夹~~~?pip?vender?requests 中)打开
sessions.py并修改self.verify = True为self.verify = False使用受信任的主机代码安装,如下所示
pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org <package name>
回答by Raviteja Minamanur
Best solution i felt is:- Access the file relevant to SSL. Find the folder in the install location, where sessions.py is located. (I guess it is in folder ~~~?pip?vender?requests)
我觉得最好的解决方案是:-访问与 SSL 相关的文件。在安装位置找到sessions.py所在的文件夹。(我猜它在文件夹~~~?pip?vender?requests 中)
Open sessions.py and modify self.verify = True to self.verify = False
打开sessions.py,修改self.verify = True为self.verify = False
Install using trusted host code as below
使用受信任的主机代码安装,如下所示
