easy_install and pip fail with SSL warnings

Simply have a look at the link provided in the error message ;)

https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning

SNIMissingWarning

This happens on Python 2 versions older than 2.7.9. These older versions lack SNI support. This can cause servers to present a certificate that the client thinks is invalid. Follow the pyOpenSSL guide to resolve this warning.


The pyOpenSSL link returns:

Certificate verification in Python 2

Older versions of Python 2 are built with an ssl module that lacks SNI support and can lag behind security updates. For these reasons it’s recommended to use pyOpenSSL.

If you install urllib3 with the secure extra, all required packages for certificate verification on Python 2 will be installed:

pip install urllib3[secure]

If you want to install the packages manually, you will need pyOpenSSL, cryptography, idna, and certifi.

Author: RCross

Updated on September 18, 2022

Comments

  • RCross over 1 year

    I'm looking after some RHEL6 servers and trying to set them up to use an internal PyPI server (proxied by Nexus 3).

    The problem is that our internal PyPI server is one of several SSL VHosts on the same Nginx server, and Python 2.6 is not SNI compatible; thus, easy_install fails because it's trying to download from the wrong Vhost URL and pip fails with SNIMissingWarning and InsecurePlatformWarning.

    I looked at the advice on https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings but it seems this is a workaround for your own scripts; it doesn't address problems in Python itself. I installed urllib3 and the associated packages anyway, and the problem remains.

    [[email protected] ~]# pip install --index https://nexus3.internal/repository/pypi-proxy/simple twine
    DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6
    Collecting twine
    /usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning.
      SNIMissingWarning
    /usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.
      InsecurePlatformWarning
      Could not fetch URL https://nexus3.internal/repository/pypi-proxy/simple/twine/: There was a problem confirming the ssl certificate: [Errno 1] _ssl.c:490: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed - skipping
      Could not find a version that satisfies the requirement twine (from versions: )
    No matching distribution found for twine
    
    • macetw over 6 years
      I wonder if it works to do: > pip install "urllib3[secure]"
    • Michael Hampton about 6 years
      You should open a case with Red Hat.
  • Taz8du29 about 5 years
    You can also download the package from pypi, and then install it from local drive :)
  • Lucas Ou-Yang almost 3 years
    If you are having trouble upgrading your version of Python, consider using pyenv to do it for you instead of your package manager. It worked on my ancient Ubuntu 14.04 box! github.com/pyenv/pyenv
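
The SNI gap described in the question can be seen in the TLS ClientHello itself. The following is an added example, not code from the thread or from urllib3: it builds the ClientHello an interpreter would send, with no network traffic, and reports whether the server_name extension is present. It assumes Python 3.5 or newer (for `ssl.MemoryBIO`); the function names are illustrative, the host name is the one from the question, and `server_hostname=None` models what a client without SNI, such as Python 2.6, puts on the wire.

```python
import ssl

def client_hello(server_hostname):
    """Return the first TLS record this interpreter would send (no network I/O)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # permits server_hostname=None (a client without SNI)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_hostname)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the ClientHello is queued and no server reply is ever fed in
    return outgoing.read()

def u16(buf, pos):
    """Read a big-endian 16-bit integer from buf at pos."""
    return int.from_bytes(buf[pos:pos + 2], "big")

def sni_from_client_hello(record):
    """Return the host name in the server_name extension, or None if it is absent."""
    if len(record) < 44 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record starting with a ClientHello")
    pos = 5 + 4 + 2 + 32            # record header, handshake header, version, random
    pos += 1 + record[pos]          # session_id
    pos += 2 + u16(record, pos)     # cipher_suites
    pos += 1 + record[pos]          # compression_methods
    if pos + 2 > len(record):
        return None                 # ClientHello without any extensions
    end = min(len(record), pos + 2 + u16(record, pos))
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = u16(record, pos), u16(record, pos + 2)
        if ext_type == 0:           # server_name (RFC 6066)
            body = record[pos + 4:pos + 4 + ext_len]
            # layout: list length (2), name_type (1), name length (2), host name
            return body[5:5 + u16(body, 3)].decode("ascii")
        pos += 4 + ext_len
    return None

if __name__ == "__main__":
    print("ssl.HAS_SNI:", ssl.HAS_SNI, "|", ssl.OPENSSL_VERSION)
    for name in ("nexus3.internal", None):  # host name taken from the question
        print(repr(name), "->", repr(sni_from_client_hello(client_hello(name))))
```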