Skip to content

Instantly share code, notes, and snippets.

@chaddupuis
Created December 21, 2022 19:26
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save chaddupuis/313dc89be66a7864b06d9c470c6a757f to your computer and use it in GitHub Desktop.
Django Recaptcha fix for SSL:CERTIFICATE_VERIFY_FAILED unable to get local issuer
'''
There are likely a few fixes for this but you are likely to see this error
if your app needs to reach out to an https server (in this case https://google.com)
and it cannot verify the ssl certificate.
The certifi package ( https://pypi.org/project/certifi/ ) provides a
curated collection of Root Certificates that avoids this.
pip install certifi - then in your settings you just need to set
the environmental variable for REQUESTS_CA_BUNDLE and SSL_CERT_FILE.
This can be done in your settings.py.
On pip upgrades you may need to specify the location of the cacert by doing:
python -c "import certifi; print(certifi.where())"
note the path
and then do pip install -r requirements.txt --cert={path from above}
'''
## AVOID ISSUER CERT ERRORS WITH RECAPTCHA SSL
# Generally to test
# import os
# import certifi
# import urllib
# urllib.request.urlopen('https://google.com/') will fail
# then
# >>> os.environ["REQUESTS_CA_BUNDLE"] = certifi.where()
#>>> os.environ["SSL_CERT_FILE"]=certifi.where()
# now the request will work
import os
import certifi
os.environ["REQUESTS_CA_BUNDLE"] = certifi.where()
os.environ["SSL_CERT_FILE"] = certifi.where()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment