I currently get the following error when installing ANY package via pip (this is just a single example). I'm running Anaconda on Windows 7 behind a corporate proxy. I've tried turning off SSL verification in the Anaconda Navigator preferences but it does not seem to matter. I've updated to the latest pip (10) although this issue was happening on versions 9.0.1 and 9.0.3.
I have updated the pip.ini file to contain pypi.python.org as a trusted host and I've also included the proxy settings in the same file. I've also checked that that the condarc file has the relevant proxy settings. In that file I have tested with SSL_verify being true OR false and neither has worked so I'm at a loss as to the cause of this. I don't have these issues on conda-forge channels.
(base) C:Usersuser>pip install --trusted-host pypi.python.org rgf_python
Collecting rgf_python
Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None))
after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAIL
ED] certificate verify failed (_ssl.c:777)'),)': /simple/rgf-python/
Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None))
after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAIL
ED] certificate verify failed (_ssl.c:777)'),)': /simple/rgf-python/
Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None))
after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAIL
ED] certificate verify failed (_ssl.c:777)'),)': /simple/rgf-python/
Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None))
after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAIL
ED] certificate verify failed (_ssl.c:777)'),)': /simple/rgf-python/
Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None))
after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAIL
ED] certificate verify failed (_ssl.c:777)'),)': /simple/rgf-python/
Could not fetch URL https://pypi.org/simple/rgf-python/: There was a problem c
onfirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): M
ax retries exceeded with url: /simple/rgf-python/ (Caused by SSLError(SSLError(1
, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)'),))
- skipping
Could not find a version that satisfies the requirement rgf_python (from versi
ons: )
No matching distribution found for rgf_python
Below is my current configuation:
(base) C:Usersuser>conda info
active environment : base active env location : D:\Continuum\anaconda3 shell level : 1 user config file : C:\Users\user\.condarcpopulated config files : C:Usersuser.condarc
conda version : 4.4.10
conda-build version : 3.4.1
python version : 3.6.4.final.0
base environment : D:Continuumanaconda3 (writable)
channel URLs : https://conda.anaconda.org/conda-forge/win-64
https://conda.anaconda.org/conda-forge/noarch
https://repo.continuum.io/pkgs/main/win-64
https://repo.continuum.io/pkgs/main/noarch
https://repo.continuum.io/pkgs/free/win-64
https://repo.continuum.io/pkgs/free/noarch
https://repo.continuum.io/pkgs/r/win-64
https://repo.continuum.io/pkgs/r/noarch
https://repo.continuum.io/pkgs/pro/win-64
https://repo.continuum.io/pkgs/pro/noarch
https://repo.continuum.io/pkgs/msys2/win-64
https://repo.continuum.io/pkgs/msys2/noarch
package cache : D:Continuumanaconda3pkgs
C:UsersuserAppDataLocalcondacondapkgs
envs directories : D:Continuumanaconda3envs
C:UsersuserAppDataLocalcondacondaenvs
C:Usersuser.condaenvs
platform : win-64
user-agent : conda/4.4.10 requests/2.18.4 CPython/3.6.4 Windows/7 W
indows/6.1.7601
administrator : False
netrc file : None
MotoRZR
All 18 comments
I'm having the same issue. I know PyPI just switched something in the backend, but trying various combinations of pypi.org and pythonhosted.org as trusted hosts don't seem to help. Happy to provide more information about my set up if that's useful, but I'm assuming this is probably just a question of getting the correct trusted host(s) set up.
starcruiseromega
on 18 Apr 2018
I was able to workaround this issue for now by installing the certifi package using an upgraded pip before installing any other packages.
mback2k
on 19 Apr 2018
Nothing is working
PIP 10.0.0
Python 3.6
OS Win 10
Tried certifi way, didnt worked. Tried pip 9.0.3 didnt worked.
ashwinipatankar
on 19 Apr 2018
I was able to workaround this issue for now by installing the certifi package using an upgraded pip before installing any other packages.
Unfortunately, this won't help with corporate proxies when the certificate is self-signed. We previously used "pypi.python.org" with the "trusted_host" setting to avoid certificate problems, but it looks like after the backend changes this isn't sufficient.
@ashwinipatankar are you also going through a proxy?
starcruiseromega
on 19 Apr 2018
yes
just now updated the pip to 10.0.1 and same issues.
ashwinipatankar
on 19 Apr 2018
Experiencing the same issues behind corporate proxy:
PS C:Usershyw> pip install --trusted-host pypi.python.org --upgrade boto3
Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 407 Proxy Authentication Required',))': /simple/boto3/
Collecting boto3
Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)'),)': /packages/99/49/20985d614dbf489ab0b381111593864b62a050f457dc44ba6301572debe9/boto3-1.7.5-py2.py3-none-any.whl
Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 407 Proxy Authentication Required',))': /packages/99/49/20985d614dbf489ab0b381111593864b62a050f457dc44ba6301572debe9/boto3-1.7.5-py2.py3-none-any.whl
Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)'),)': /packages/99/49/20985d614dbf489ab0b381111593864b62a050f457dc44ba6301572debe9/boto3-1.7.5-py2.py3-none-any.whl
Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 407 Proxy Authentication Required',))': /packages/99/49/20985d614dbf489ab0b381111593864b62a050f457dc44ba6301572debe9/boto3-1.7.5-py2.py3-none-any.whl
Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 407 Proxy Authentication Required',))': /packages/99/49/20985d614dbf489ab0b381111593864b62a050f457dc44ba6301572debe9/boto3-1.7.5-py2.py3-none-any.whl
Python 3.6.4
pip 10.0.0
Windows 10
kiksekage
on 20 Apr 2018
Pinging @dstufft, @ewdurbin and @brainwane on this.
pradyunsg
on 20 Apr 2018
It appears the issue is a corporate proxy/firewall/mitm-box is not allowing traffic to pypi.org and/or files.pythonhosted.org.
tl;dr
You need access to:
pypi.org(PyPI)files.pythonhosted.org(PyPI Files Hosting)pypi.python.org(Legacy)
Brain dump
Domains of PyPI
Interacting with the Index currently has 3 hostnames:
pypi.org ("PyPI")
This serves the web UI, /simple index, JSON documents, and other APIs
files.pythonhosted.org ("PyPI Files Hosting")
This serves packages uploaded to PyPI
pypi.python.org ("Legacy")
Effectively a massive redirect service now, redirecting requests to the appropriate new location on pypi.org or files.pythonhosted.org
What Changed?
Before the rollout of pypi.org, the only hostname necessary to interact with the index was pypi.python.org. Now you must be able to connect (over TLS) to pypi.org and files.pythonhosted.org. Files hosting was moved to its own domain during the migration.
Before
Previously simple index calls to pypi.python.org responded with relative URLs on the existing service
<a href="../../packages/bb/69/a9fb8adbbc0a7b..........
After
Now simple index calls to pypi.org respond with absolute URLS to the files service.
<a href="https://files.pythonhosted.org/packages/bb/69/a9fb8adbbc0a7b.........
ewdurbin
on 20 Apr 2018
i can access all the three urls in a browser (corporate proxy), but pip fails.
ashwinipatankar
on 20 Apr 2018
@ashwinipatankar Same here, resolution was to trust all 3 of the domains listed above. For example, to upgrade pip:
python -m pip install --trusted-host pypi.python.org --trusted-host files.pythonhosted.org --trusted-host pypi.org --upgrade pip
brianmxwll
on 20 Apr 2018
@brianmxwll Thanks it worked.
ashwinipatankar
on 20 Apr 2018
Trusting the additional domains worked for me. Thank you!
MotoRZR
on 20 Apr 2018
Thanks @ewdurbin! You're awesome. :)
I'll close this issue since OP's problem is now resolved.
pradyunsg
on 20 Apr 2018
The command line above works for me, but I can't get this to work from a pip.ini file. I tried:
[global]
trusted-host=
pypi.python.org
pypi.org
files.pythonhosted.org
which seems like the correct syntax. @pradyunsg would you like me to file another issue about this?
starcruiseromega
on 20 Apr 2018
Yeps!
pradyunsg
on 20 Apr 2018
Ah, actually, never mind, some meticulous searching turned up an additional config file that was interfering. Looks like the snippet posted above does work, thanks!
starcruiseromega
on 20 Apr 2018
@starcruiseromega pip config is a helper, in such situations. :)
pradyunsg
on 20 Apr 2018
Trusting the additional domains worked for me, also. Thanks!!!
guilhermeheinen
on 13 May 2018
Related issues
pradyunsg
路
3Comments
ncoghlan
路
3Comments
JordanReiter
路
3Comments
imzi
路
3Comments
nathan130200
路
3Comments
Most helpful comment
@ashwinipatankar Same here, resolution was to trust all 3 of the domains listed above. For example, to upgrade pip:
python -m pip install --trusted-host pypi.python.org --trusted-host files.pythonhosted.org --trusted-host pypi.org --upgrade pip