Pip: [Bug][PIP 10.0.1][Python2.7][Mac] Pip 10.0.1 --trusted-host not working

You shouldn't need --trusted-host for PyPI - it's only needed for sites that you're not using HTTPS for, and pip does use HTTPS for PyPI. So you'll need to give more information (OS, Python version, any config settings or relevant environment variables you have, are you using a proxy, etc).

It looks like pip is unable to connect to PyPI because "certificate verify failed" which sounds to me like it might be a proxy issue.

@pfmoore Thank you for the support. And we have found the root cause. Hope could be a fix for pip.

Here are the info you requested.
OS: macOS Sierra Version 10.12.6
Python: 2.7.10
Pip: 10.0.1
Environment: We are behind the proxy, and because of the security concern, our company does not trust all the https certificates.
Root Cause: Maybe caused by the pypi host has been changed from https://pypi.python.org to https://pypi.org/
Solution: Add more trusted hosts as following, and it should work:
sudo pip install --trusted-host=pypi.python.org --trusted-host=pypi.org --trusted-host=files.pythonhosted.org --upgrade --proxy=127.0.0.1:3128 robotframework

Logs:

ken-JSS572:~ ken$ python -V
Python 2.7.10
ken-JSS572:~ ken$ pip -V
pip 10.0.1 from /Library/Python/2.7/site-packages/pip (python 2.7)
ken-JSS572:~ ken$
ken-JSS572:~ ken$
ken-JSS572:~ ken$
ken-JSS572:~ ken$
ken-JSS572:~ ken$
ken-JSS572:~ ken$
ken-JSS572:~ ken$ sudo pip install --proxy=127.0.0.1:3128 --trusted-host=pypi.org robotframework
Password:
The directory '/Users/ken/Library/Caches/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
The directory '/Users/ken/Library/Caches/pip' or its parent directory is not owned by the current user and caching wheels has been disabled. check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
Collecting robotframework
  Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)': /packages/72/1c/2f24cc6faec277a527fc1b5437e93f68d9c200b2bc18423d0c3b155707b7/robotframework-3.0.3.tar.gz
  Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)': /packages/72/1c/2f24cc6faec277a527fc1b5437e93f68d9c200b2bc18423d0c3b155707b7/robotframework-3.0.3.tar.gz
  Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)': /packages/72/1c/2f24cc6faec277a527fc1b5437e93f68d9c200b2bc18423d0c3b155707b7/robotframework-3.0.3.tar.gz
  Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)': /packages/72/1c/2f24cc6faec277a527fc1b5437e93f68d9c200b2bc18423d0c3b155707b7/robotframework-3.0.3.tar.gz
  Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),)': /packages/72/1c/2f24cc6faec277a527fc1b5437e93f68d9c200b2bc18423d0c3b155707b7/robotframework-3.0.3.tar.gz
Could not install packages due to an EnvironmentError: HTTPSConnectionPool(host='files.pythonhosted.org', port=443): Max retries exceeded with url: /packages/72/1c/2f24cc6faec277a527fc1b5437e93f68d9c200b2bc18423d0c3b155707b7/robotframework-3.0.3.tar.gz (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))

ken-JSS572:~ ken$ sudo pip install --trusted-host=pypi.python.org --trusted-host=pypi.org --trusted-host=files.pythonhosted.org --upgrade --proxy=127.0.0.1:3128 robotframework
The directory '/Users/ken/Library/Caches/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
The directory '/Users/ken/Library/Caches/pip' or its parent directory is not owned by the current user and caching wheels has been disabled. check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
Collecting robotframework
  Downloading https://files.pythonhosted.org/packages/72/1c/2f24cc6faec277a527fc1b5437e93f68d9c200b2bc18423d0c3b155707b7/robotframework-3.0.3.tar.gz (443kB)
    100% |████████████████████████████████| 450kB 136kB/s
sling 0.1.1 has requirement click==6.2, but you'll have click 6.7 which is incompatible.
Installing collected packages: robotframework
  Running setup.py install for robotframework ... done
Successfully installed robotframework-3.0.3

Glad to know your issue got fixed @Kenith!

As a side note, running pip with sudo is bad practice. You might break your system and you are doing remote code execution as root here.

@pradyunsg Thank you for the support and suggestions.
You may close the ticket now.

you should use: pip3 ___

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.