![]() |
Need help setting up trusted root ca in virtual environment - Printable Version +- Python Forum (https://python-forum.io) +-- Forum: Python Coding (https://python-forum.io/forum-7.html) +--- Forum: General Coding Help (https://python-forum.io/forum-8.html) +--- Thread: Need help setting up trusted root ca in virtual environment (/thread-42234.html) |
Need help setting up trusted root ca in virtual environment - dstempfley - May-31-2024 I have a RHEL 8 system and am writing a script that uses requests to access an internal website. The environment is configured with the internal certificate authority in the correct location and python scripts can access the website with a get request. I didn't set that up, but it works. But when I create a virtual environment with python -m venv <path> and then use . <path>/bin/activate the get request does not use the trusted roots configured in the environment. What do I need to do to setup the virtual environment to match the system environment? Example: ------------------------------- [~]$ python3 Python 3.6.8 (default, Apr 25 2024, 09:54:46) [GCC 8.5.0 20210514 (Red Hat 8.5.0-22)] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import requests >>> res = requests.get("https://internalsite") >>> res.status_code 200 >>> [~]$ python3 -m venv venvtest [~]$ . ./venvtest/bin/activate (venvtest) [ ~]$ pip install requests Collecting requests Using cached requests-2.27.1-py2.py3-none-any.whl (63 kB) Collecting urllib3<1.27,>=1.21.1 Using cached urllib3-1.26.18-py2.py3-none-any.whl (143 kB) Collecting certifi>=2017.4.17 Using cached certifi-2024.2.2-py3-none-any.whl (163 kB) Collecting charset-normalizer~=2.0.0 Using cached charset_normalizer-2.0.12-py3-none-any.whl (39 kB) Collecting idna<4,>=2.5 Using cached idna-3.7-py3-none-any.whl (66 kB) Installing collected packages: urllib3, idna, charset-normalizer, certifi, requests Successfully installed certifi-2024.2.2 charset-normalizer-2.0.12 idna-3.7 requests-2.27.1 urllib3-1.26.18 (venvtest) [ ~]$ python3 Python 3.6.8 (default, Apr 25 2024, 09:54:46) [GCC 8.5.0 20210514 (Red Hat 8.5.0-22)] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import requests >>> res = requests.get("https://internalsite") Traceback (most recent call last): File "/home/user/venvtest/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 722, in urlopen chunked=chunked, File "/home/user/venvtest/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 404, in _make_request self._validate_conn(conn) File "/home/user/venvtest/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 1058, in _validate_conn conn.connect() File "/home/user/venvtest/lib64/python3.6/site-packages/urllib3/connection.py", line 429, in connect tls_in_tls=tls_in_tls, File "/home/user/venvtest/lib64/python3.6/site-packages/urllib3/util/ssl_.py", line 450, in ssl_wrap_socket sock, context, tls_in_tls, server_hostname=server_hostname File "/home/user/venvtest/lib64/python3.6/site-packages/urllib3/util/ssl_.py", line 493, in _ssl_wrap_socket_impl return ssl_context.wrap_socket(sock, server_hostname=server_hostname) File "/usr/lib64/python3.6/ssl.py", line 365, in wrap_socket _context=self, _session=session) File "/usr/lib64/python3.6/ssl.py", line 810, in __init__ self.do_handshake() File "/usr/lib64/python3.6/ssl.py", line 1070, in do_handshake self._sslobj.do_handshake() File "/usr/lib64/python3.6/ssl.py", line 648, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/home/user/venvtest/lib64/python3.6/site-packages/requests/adapters.py", line 450, in send timeout=timeout File "/home/user/venvtest/lib64/python3.6/site-packages/urllib3/connectionpool.py", line 800, in urlopen method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2] File "/home/user/venvtest/lib64/python3.6/site-packages/urllib3/util/retry.py", line 592, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='internalsite', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),)) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/home/user/venvtest/lib64/python3.6/site-packages/requests/api.py", line 75, in get return request('get', url, params=params, **kwargs) File "/home/user/venvtest/lib64/python3.6/site-packages/requests/api.py", line 61, in request return session.request(method=method, url=url, **kwargs) File "/home/user/venvtest/lib64/python3.6/site-packages/requests/sessions.py", line 529, in request resp = self.send(prep, **send_kwargs) File "/home/user/venvtest/lib64/python3.6/site-packages/requests/sessions.py", line 645, in send r = adapter.send(request, **kwargs) File "/home/user/venvtest/lib64/python3.6/site-packages/requests/adapters.py", line 517, in send raise SSLError(e, request=request) requests.exceptions.SSLError: HTTPSConnectionPool(host='internalsite', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),)) >>> ----------------------------- |