Page MenuHomePhabricator

SSL CERTIFICATE_VERIFY_FAILED on generating family file
Closed, InvalidPublic


Tested with the latest github build. SSL CERTIFICATE_VERIFY_FAILED for (which does have a valid SSL certificate):

$ python3 dndwiki
Generating family file from
Traceback (most recent call last):
  File "", line 226, in <module>
  File "", line 48, in run
    w = Wiki(self.base_url)
  File "/home/user/dndwiki/core/pywikibot/", line 58, in __init__
    r = fetch(fromurl)
  File "/home/user/dndwiki/core/pywikibot/comms/", line 530, in fetch
  File "/home/user/dndwiki/core/pywikibot/comms/", line 411, in error_handling_callback
    raise FatalServerError(str(
pywikibot.exceptions.FatalServerError: HTTPSConnectionPool(host='', port=443): Max retries exceeded with url: /wiki/Main_Page (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1051)')))
<class 'pywikibot.exceptions.FatalServerError'>
CRITICAL: Closing network session.
$ python3
Pywikibot: [https] r-p-pywikibot-core (3dbd82c, g10483, 2018/12/10, 11:41:03, ok)
Release version: 3.1.dev0
requests version: 2.20.0
  cacerts: /etc/pki/tls/certs/ca-bundle.crt
    certificate test: ok
Python: 3.7.1 (default, Nov 23 2018, 10:01:49) 
[GCC 8.2.1 20181105 (Red Hat 8.2.1-5)]
Config base dir: /home/user/dndwiki/core

Having a play in the meantime to just disable the HTTPS verification, but still frustratin' :(

Event Timeline

SgtLion created this task.Dec 12 2018, 8:22 PM
Restricted Application added a project: Traffic. · View Herald TranscriptDec 12 2018, 8:22 PM
Restricted Application added subscribers: pywikibot-bugs-list, Aklapper. · View Herald Transcript
SgtLion updated the task description. (Show Details)Dec 12 2018, 8:24 PM
Restricted Application added a project: Operations. · View Herald TranscriptDec 12 2018, 8:24 PM
SgtLion updated the task description. (Show Details)Dec 12 2018, 8:25 PM
BBlack added a subscriber: BBlack.

Tag edit because all of those are specific to WMF Ops and this ticket isn't!

Mpaa added a subscriber: Mpaa.Dec 12 2018, 9:11 PM

I don't think it is a pywikibot issue.

Krenair added a subscriber: Krenair.EditedDec 12 2018, 10:29 PM

Yeah it seems to be a problem with the configuration of that web server. It looks like is configured to send its own cert but not the cert that issued it. It's issued by RapidSSL RSA CA 2018:
I think browsers are forgiving about servers omitting intermediate CA certs that they've seen in the past. Other TLS code is not.

I suppose that makes sense; No surprise if this turns out to not be worth addressing, then~

Mpaa removed a subscriber: pywikibot-bugs-list.
Aklapper closed this task as Invalid.Dec 16 2018, 6:16 PM

Problem cannot be solved in Wikimedia code but only in webserver configuration, hence closing task