cevoaustralia / aws-google-auth

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)
MIT License
537 stars 181 forks

SSL: CERTIFICATE_VERIFY_FAILED when going through VPN #108

Closed Colgaton closed 4 years ago

Colgaton commented 5 years ago

When working from home I have to connect to my company's network through a VPN and all my network traffic is routed through it. When connected to the VPN I get the following error after inputting my password:

Google Password: Open the Google App, and tap 'Yes' on the prompt to sign in ... There was a connection error, check your network settings: HTTPSConnectionPool(host='content.googleapis.com', port=443): Max retries exceeded with url: /cryptauth/v1/authzen/awaittx?alt=json&key=redacted (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:726)'),))

We do SSL inspection, which would be the probable issue here, but I have whitelisted content.googleapis.com so it doesn't do the inspection. But I still get the error.

I can confirm the whitelisting works because the certificate for that URL is Google's one, not our firewall's. Any idea? Any way to add an option to ignore the cert verification?

Colgaton commented 5 years ago

It started working after a while, I wonder if it was cached somewhere. Now I'm getting an error because it tries to hit accounts.youtube.com and youtube is blocked. Anyone know why it tries to hit youtube?

Colgaton commented 5 years ago

And it stopped working again, complaining about content.googleapis.com.

openssl s_client -host content.googleapis.com -port 443 brings me the right cert all the time. I wonder what is going on.

stevemac007 commented 5 years ago

This feels very much like a local networking issue - the tool doesn't do anything special with SSL - under the hood it is pretty much only using the requests library to connect to Google.

There may be more information in the requests package for debugging this issue if it becomes more prevalent.
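Since the tool defers to the requests library for TLS, the useful diagnostic is to check which CA bundle requests is actually consulting and who issued the certificate the client sees, rather than turning verification off. The script below is an added example and is not part of aws-google-auth or the requests project. It assumes requests' documented bundle precedence (REQUESTS_CA_BUNDLE, then CURL_CA_BUNDLE, then its bundled certifi store), and the `probe`, `classify_issuer` and `recommend` helpers are hypothetical names introduced here; the sample certificate dictionaries are constructed test data, and the expected issuer organisation is a configurable assumption.

```python
"""Diagnose a CERTIFICATE_VERIFY_FAILED seen by a Python/requests client behind
an SSL-inspecting VPN, without disabling certificate verification."""
import socket
import ssl

# Assumed issuer organisation for an uninspected Google endpoint; adjust for
# your own environment (constructed default, not taken from the original page).
EXPECTED_ISSUER_ORGS = ("Google Trust Services", "Google Trust Services LLC")

# Constructed samples in the shape returned by ssl.SSLSocket.getpeercert().
ORIGIN_CERT = {
    "subject": ((("commonName", "content.googleapis.com"),),),
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Google Trust Services"),),
               (("commonName", "example-intermediate"),)),
}
INTERCEPTED_CERT = {
    "subject": ((("commonName", "content.googleapis.com"),),),
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Example Corp SSL Inspection"),),
               (("commonName", "corp-proxy-ca"),)),
}


def resolve_ca_bundle(env):
    """Mirror the order in which requests picks a CA bundle when verify=True.

    Returns (source, path); path is None when requests falls back to certifi.
    """
    for var in ("REQUESTS_CA_BUNDLE", "CURL_CA_BUNDLE"):
        path = env.get(var)
        if path:
            return var, path
    return "certifi", None


def issuer_org(peercert):
    """Extract organizationName from the issuer RDN sequence of a peer cert."""
    for rdn in peercert.get("issuer", ()):
        for key, value in rdn:
            if key == "organizationName":
                return value
    return None


def classify_issuer(peercert, expected_orgs=EXPECTED_ISSUER_ORGS):
    """'origin' if the issuer matches the expected CA, else 'intercepted'."""
    return "origin" if issuer_org(peercert) in expected_orgs else "intercepted"


def recommend(peercert, env):
    """Return an actionable diagnosis combining issuer and bundle source."""
    verdict = classify_issuer(peercert)
    source, path = resolve_ca_bundle(env)
    if verdict == "intercepted":
        # The proxy re-signs the leaf; its CA must be in the bundle requests uses.
        return ("intercepted", source,
                "add the inspection CA to a bundle and point REQUESTS_CA_BUNDLE at it")
    if source == "certifi":
        # Origin cert is reaching the client, so a default bundle should verify it;
        # an outdated certifi or a stale connection through the proxy is the next suspect.
        return ("origin", source, "origin cert seen; check certifi age and proxy bypass consistency")
    return ("origin", source, "origin cert seen; confirm %s contains public roots" % path)


def probe(host, port=443, cafile=None, timeout=5):
    """Handshake with the given bundle (or the system store) and return the peer
    cert dict; raises ssl.SSLCertVerificationError on a trust failure. Network call,
    so it is not exercised by the offline checks below."""
    ctx = ssl.create_default_context(cafile=cafile)
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    import os
    cert = probe("content.googleapis.com")
    print(issuer_org(cert), recommend(cert, os.environ))
```

Running the script against the host from the report shows whether the leaf is signed by the expected public CA or by the inspection proxy, and which bundle requests will consult; an intermittent mix of the two verdicts across runs is consistent with a bypass rule that is not applied uniformly, which matches the on-and-off behaviour described in the thread.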

stevemac007 commented 4 years ago

I don't see this as something the package can fix - if further information on the cause of the issue is found, happy to re-open the issue.