Closed resmit closed 2 years ago
Hi @resmit , I'm not able to replicate this issue, the error suggests 'raw.githubusercontent.com' is serving a wrong certificate, but I think this is unlikely, could you check from your side? the cause of the error could be a software blocking the communication with Github servers.
Hi Yeison,
Looks like a certificate error on my end. Not software blocking access.
curl https://raw.githubusercontent.com
curl: (60) SSL certificate problem: unable to get local issuer certificate
One guess is: old cert.pem file.
Will investigate.
Thanks.
Rick Smith Lead Developer
Cyberseer Limited 10 Lower Thames Street, London, EC3R 6AF T: +44 (0)203 823 9030 | M: +44 (0)7981 893897 E: @.**@.> W: www.cyberseer.nethttp://www.cyberseer.net/ |@CyberseerNethttps://twitter.com/cyberseernet
This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Cyberseer Ltd, 10 Lower Thames Street, London, EC3R 6AF.
From: Yeison Vargas @.> Date: Thursday, 22 July 2021 at 15:03 To: pyupio/safety @.> Cc: Rick Smith @.>, Mention @.> Subject: Re: [pyupio/safety] SSL: CERTIFICATE_VERIFY_FAILED (#345)
Hi @resmithttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fresmit&data=04%7C01%7Crick.smith%40cyberseer.net%7C506b9a06bd764289c01f08d94d1975f5%7Cc24fb25dd3d3492abe35f5d8336f102a%7C1%7C0%7C637625594015665734%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=YSFwPeiqHb0KNT1i3mCiH%2FkQlNcTd1RqBexzVpCi1Ds%3D&reserved=0 , I'm not able to replicate this issue, the error suggests 'raw.githubusercontent.com' is serving a wrong certificate, but I think this is unlikely, could you check from your side? the cause of the error could be a software blocking the communication with Github servers.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fpyupio%2Fsafety%2Fissues%2F345%23issuecomment-884938403&data=04%7C01%7Crick.smith%40cyberseer.net%7C506b9a06bd764289c01f08d94d1975f5%7Cc24fb25dd3d3492abe35f5d8336f102a%7C1%7C0%7C637625594015665734%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=FAbIv0Y%2FiWokvUkRouICy5gDKjcQ68zJxQ9IfZJgyBw%3D&reserved=0, or unsubscribehttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAU55T7FKE7VIWIGLONOP7DTTZAQKNANCNFSM5AZWXRAA&data=04%7C01%7Crick.smith%40cyberseer.net%7C506b9a06bd764289c01f08d94d1975f5%7Cc24fb25dd3d3492abe35f5d8336f102a%7C1%7C0%7C637625594015675730%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=A96a9Ow6IQcnUvXJGMeIDGtxlVx0CAHzEnAE8WeX8pw%3D&reserved=0.
Hi Yeison,
A little late, but found problem. I was logged into a vpn and some software was blocking access. No vpn connection everything is ok. Sorry for the wild goose chase.
Rick Smith Lead Developer
Cyberseer Limited 10 Lower Thames Street, London, EC3R 6AF T: +44 (0)203 823 9030 | M: +44 (0)7981 893897 E: @.**@.> W: www.cyberseer.nethttp://www.cyberseer.net/ @.***https://twitter.com/cyberseernet
This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Cyberseer Ltd, 10 Lower Thames Street, London, EC3R 6AF.
From: Yeison Vargas @.> Date: Thursday, 22 July 2021 at 15:03 To: pyupio/safety @.> Cc: Rick Smith @.>, Mention @.> Subject: Re: [pyupio/safety] SSL: CERTIFICATE_VERIFY_FAILED (#345)
Hi @resmithttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fresmit&data=04%7C01%7Crick.smith%40cyberseer.net%7C506b9a06bd764289c01f08d94d1975f5%7Cc24fb25dd3d3492abe35f5d8336f102a%7C1%7C0%7C637625594015665734%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=YSFwPeiqHb0KNT1i3mCiH%2FkQlNcTd1RqBexzVpCi1Ds%3D&reserved=0 , I'm not able to replicate this issue, the error suggests 'raw.githubusercontent.com' is serving a wrong certificate, but I think this is unlikely, could you check from your side? the cause of the error could be a software blocking the communication with Github servers.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fpyupio%2Fsafety%2Fissues%2F345%23issuecomment-884938403&data=04%7C01%7Crick.smith%40cyberseer.net%7C506b9a06bd764289c01f08d94d1975f5%7Cc24fb25dd3d3492abe35f5d8336f102a%7C1%7C0%7C637625594015665734%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=FAbIv0Y%2FiWokvUkRouICy5gDKjcQ68zJxQ9IfZJgyBw%3D&reserved=0, or unsubscribehttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAU55T7FKE7VIWIGLONOP7DTTZAQKNANCNFSM5AZWXRAA&data=04%7C01%7Crick.smith%40cyberseer.net%7C506b9a06bd764289c01f08d94d1975f5%7Cc24fb25dd3d3492abe35f5d8336f102a%7C1%7C0%7C637625594015675730%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=A96a9Ow6IQcnUvXJGMeIDGtxlVx0CAHzEnAE8WeX8pw%3D&reserved=0.
Description
I have suddenly started getting SSL: CERTIFICATE_VERIFY_FAILED errors. safety was working perfectly fine. I have reinstalled the library, but get the same error.
What I Did
safety check Traceback (most recent call last): File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connectionpool.py", line 677, in urlopen chunked=chunked, File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connectionpool.py", line 381, in _make_request self._validate_conn(conn) File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connectionpool.py", line 978, in _validate_conn conn.connect() File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connection.py", line 371, in connect sslcontext=context, File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/util/ssl.py", line 384, in ssl_wrap_socket return context.wrap_socket(sock, server_hostname=server_hostname) File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 407, in wrap_socket _context=self, _session=session) File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 817, in init self.do_handshake() File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 1077, in do_handshake self._sslobj.do_handshake() File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/ssl.py", line 689, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/adapters.py", line 449, in send timeout=timeout File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/connectionpool.py", line 727, in urlopen method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2] File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/urllib3/util/retry.py", line 439, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='raw.githubusercontent.com', port=443): Max retries exceeded with url: /pyupio/safety-db/master/data/insecure.json (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/Library/Frameworks/Python.framework/Versions/3.6/bin/safety", line 10, in
sys.exit(cli())
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/click/core.py", line 764, in call
return self.main(args, kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/click/core.py", line 717, in main
rv = self.invoke(ctx)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/click/core.py", line 1137, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/click/core.py", line 956, in invoke
return ctx.invoke(self.callback, ctx.params)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/click/core.py", line 555, in invoke
return callback(args, kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/safety/cli.py", line 71, in check
vulns = safety.check(packages=packages, key=key, db_mirror=db, cached=cache, ignore_ids=ignore, proxy=proxy_dictionary)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/safety/safety.py", line 138, in check
db = fetch_database(key=key, db=db_mirror, cached=cached, proxy=proxy)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/safety/safety.py", line 121, in fetch_database
data = fetch_database_url(mirror, db_name=db_name, key=key, cached=cached, proxy=proxy)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/safety/safety.py", line 90, in fetch_database_url
r = requests.get(url=url, timeout=REQUEST_TIMEOUT, headers=headers, proxies=proxy)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/api.py", line 75, in get
return request('get', url, params=params, kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, send_kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='raw.githubusercontent.com', port=443): Max retries exceeded with url: /pyupio/safety-db/master/data/insecure.json (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))