Requests: Problem finding certificate

This is an anaconda issue I think: we're looking for the cacert.pem file in the Requests package, and it seems not to be there. You'll need to take it up with the person providing your Requests package.

I am pretty new to this whole programming thing but I have the same issue and am working on tracing the route cause. Found this in the Request package under adapters.py

Anyone have thoughts where to look next? Thank you

@HydoCarbOxymora Can you provide the full traceback and error message please?

Here is the traceback error I get.... Any ideas on how to address this issue?

OSError Traceback (most recent call last)
in ()
----> 1 result = flight.send_sync(use_containers=False)

/Users/VieirasMac/anaconda/lib/python3.5/site-packages/pyflight/requester.py in send_sync(self, use_containers)
231 documentation for :meth:pyflight.send_sync().
232 """
--> 233 return pyflight.send_sync(self, use_containers=use_containers)
234
235 async def send_async(self, use_containers: bool=True) -> Union[Result, dict]:

/Users/VieirasMac/anaconda/lib/python3.5/site-packages/pyflight/requester.py in send_sync(request_body, use_containers)
406 response = requester.post_request_sync(BASE_URL, request_body)
407 elif isinstance(request_body, Request):
--> 408 response = requester.post_request_sync(BASE_URL, request_body.raw_data)
409 else:
410 raise ValueError('Unsupported Request Type')

/Users/VieirasMac/anaconda/lib/python3.5/site-packages/pyflight/api.py in post_request_sync(self, url, payload)
98 """
99 pyflight.rate_limiter.delay_sync()
--> 100 r = requests.post(url + self.api_key, json=payload)
101 if r.status_code != 200:
102 resp = r.json()

/Users/VieirasMac/anaconda/lib/python3.5/site-packages/requests/api.py in post(url, data, json, *kwargs)
110 """
111
--> 112 return request('post', url, data=data, json=json, *kwargs)
113
114

/Users/VieirasMac/anaconda/lib/python3.5/site-packages/requests/api.py in request(method, url, *kwargs)
56 # cases, and look like a memory leak in others.
57 with sessions.Session() as session:
---> 58 return session.request(method=method, url=url, *kwargs)
59
60

/Users/VieirasMac/anaconda/lib/python3.5/site-packages/requests/sessions.py in request(self, method, url, params, data, headers, cookies, files, auth, timeout, allow_redirects, proxies, hooks, stream, verify, cert, json)
516
517 def options(self, url, **kwargs):
--> 518 r"""Sends a OPTIONS request. Returns :class:Response object.
519
520 :param url: URL for the new :class:Request object.

/Users/VieirasMac/anaconda/lib/python3.5/site-packages/requests/sessions.py in send(self, request, **kwargs)
637 if history:
638 # Insert the first (original) request at the start
--> 639 history.insert(0, r)
640 # Get the last request made
641 r = history.pop()

/Users/VieirasMac/anaconda/lib/python3.5/site-packages/requests/adapters.py in send(self, request, stream, timeout, verify, cert, proxies)
403 """
404
--> 405 conn = self.get_connection(request.url, proxies)
406
407 self.cert_verify(conn, request.url, verify, cert)

/Users/VieirasMac/anaconda/lib/python3.5/site-packages/requests/adapters.py in cert_verify(self, conn, url, verify, cert)
223
224 if not cert_loc or not os.path.exists(cert_loc):
--> 225 raise IOError("Could not find a suitable TLS CA certificate bundle, "
226 "invalid path: {0}".format(cert_loc))
227

OSError: Could not find a suitable TLS CA certificate bundle, invalid path: /Users/VieirasMac/anaconda/lib/python3.5/site-packages/requests/cacert.pem

This appears to be a problem with your requests installation: we expect to find a file here that apparently doesn't exist. How did you install requests?

I work for Continuum, on the team that produces Anaconda. Sorry that this support request has fallen on you. Anaconda provides certs with the certifi package, which on windows places cacert.pem in Lib/site-packages/certifi. There's also the ca-certificates package, which puts them in Library/ssl, where curl looks for them. Does Anaconda really need to put them in requests, also? Every place that they are copied is another chance for them to be out-of-date.

If there's any configuration that Continuum could do to requests to point to one of the other locations, please let me know.

It seems there may be some other issue. certs.py has:

try:
    from certifi import where
except ImportError:
    def where():
        """Return the preferred certificate bundle."""
        # vendored bundle inside Requests
        return os.path.join(os.path.dirname(__file__), 'cacert.pem')

So certifi should be in use. Seems to be some insane string bug:

(Pdb) > c:\users\builder\miniconda2\lib\site-packages\requests\adapters.py(217)cert_verify()
-> if verify is not True:
verify
(Pdb) 'True'
verify == True
(Pdb) False

I'll try to isolate it further.

Hi,

I'm not sure that it's the same

IOError: Could not find a suitable TLS CA certificate bundle, invalid path: /anaconda/lib/python2.7/site-packages/requests/cacert.pem

getting it's when running:

import cufflinks as cf
import pandas as pd

cf.set_config_file(world_readable=True,offline=False)

cf.datagen.lines(1,500).ta_plot(study='sma',periods=[13,21,55],title='Simple Moving Averages')

on Jupyter

Yup, it's the same: your packages have come from Anaconda.

Sorry, but I didn't understand what is the solution?

Could we please take a step back and look for what might really be the issue? I've checked, and Continuum is shipping cacert.pem in the requests folder. See for yourself if you'd like: https://repo.continuum.io/pkgs/free/osx-64/requests-2.14.2-py36_0.tar.bz2

There's something else at play here, and it appears to be cross-platform. Has anything changed recently regarding how these certs get loaded? Are there any requirements of the certs that have changed recently?

Also, @Bondifrench where did you install requests from? It looks like you have version 2.18, but the official continuum package is out of date - 2.14 is current. If you got requests from pip, this could be a pip interaction problem with conda. If you got it from an anaconda.org channel, we need to follow up with the package authors. It looks like conda-forge does not ship cacert.pem, instead depending on certifi to provide that functionality.

@msarahan So the most important issue is that we stopped shipping it locally: we moved to using certifi instead of vendoring the cert bundle. You'll notice that in our tree cacert.pem is gone, and certifi.where is used directly. This leads us to our confusion: why is there a Requests version that appears to be colliding with what Anaconda wants, and why is it looking for a file we know we don't look for anymore?

I am also having this issue....even when replacing the cacert.pm file in the requests folder with the correct file, requests is unable to find it. Throwing SSL bad handshake error. When I feed requests the address to the cacert.pem file it doesn't seem to be an issue. What is the solution here?

To do what you're currently doing; feed Requests the cert bundle. 😁

Hi, I have encountered the same error: "IOError: Could not find a suitable TLS CA certificate bundle, invalid path: c:appsProgram FilesContinuumAnaconda2.1libsite-packagesrequestscacert.pem" when simply trying to run some code to make a Plotly graph.

The following is the first traceback error:

IOError Traceback (most recent call last)
in ()
12 data1 = Data([trace0, trace1])
13
---> 14 py.iplot(data1, filename = 'basic-line')

Is there a way to fix this? Thanks

@ChaosPredictor I solved this by manually copying the cacert.pem file from /lib/site-packages/certifi to /lib/site-packages/requests and that solved the issue with plotly. Using Anaconda with Python 3.6 on OSX.

I solved the issue by uninstalling and reinstalling Anaconda. I use Anaconda3 4.4.0 and fix-yahoo-finance 0.0.19 on Ubuntu Linux.

/lib/site-packages/certifi

It would really help if you make this a bit more complete. Which of the 2+ libs are you referring to?