➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2021-03-04 18:53 by dreamsorcerer, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Messages (2) | |||
|---|---|---|---|
| msg388123 - (view) | Author: Sam Bull (dreamsorcerer) * | Date: 2021-03-04 18:53 | |
After installing the latest version of Python on Mac OS X using the installer downloaded from python.org (https://www.python.org/ftp/python/3.9.2/python-3.9.2-macosx10.9.pkg), the installed version of Python is unable to find the system certificates. Using the old version of Python located at /usr/local/Cellar/python/3.7.5/bin/python3, I get: >>> ssl.create_default_context().cert_store_stats() {'x509': 168, 'crl': 0, 'x509_ca': 168} But, with the new version located at /Library/Frameworks/Python.framework/Versions/3.9/bin/python3, I get: >>> ssl.create_default_context().cert_store_stats() {'x509': 0, 'crl': 0, 'x509_ca': 0} Looking around on the internet, this seems to be a pretty common issue on Mac, but is often getting misdiagnosed as an actual problem with the server's certificate. Because of that, nobody seems to have proposed any methods to fix it. Examples: https://github.com/aio-libs/aiohttp/issues/5375 https://stackoverflow.com/questions/65039677/unable-to-get-local-issuer-certificate-mac-os#comment115039330_65040851 |
|||
| msg388144 - (view) | Author: Ned Deily (ned.deily) *  |
Date: 2021-03-05 05:47 | |
When installing current Pythons for macOS downloaded from python.org, you will need to run the "Install Certificates.command" file installed into the /Applications/Python 3.x" folder for the version installed. This is noted in the initial screen when running the installer: "At the end of this install, click on Install Certificates to install a set of current SSL root certificates." It is also described in more detail in the "Read Me" file is also displayed by the installer and a copy of which is also installed in the /Applications/Python 3.x folder. "Certificate verification and OpenSSL This package includes its own private copy of OpenSSL 1.1.1. The trust certificates in system and user keychains managed by the Keychain Access application and the security command line utility are not used as defaults by the Python ssl module. A sample command script is included in /Applications/Python 3.9 to install a curated bundle of default root certificates from the third-party certifi package (https://pypi.org/project/certifi/). Double-click on Install Certificates to run it. The bundled pip has its own default certificate store for verifying download connections." The installer also opens the /Applications/Python 3.x folder in a Finder window to make all of these files immediately accessible. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:42 | admin | set | github: 87570 |
| 2021-11-19 14:31:08 | christian.heimes | link | issue45839 superseder |
| 2021-03-05 05:47:32 | ned.deily | set | status: open -> closed nosy: + ned.deily messages: + msg388144 resolution: not a bug stage: resolved |
| 2021-03-04 18:53:25 | dreamsorcerer | create | |