How do I disable the security certificate check in Python requests

by

From the documentation:

requests can also ignore verifying the SSL certificate if you set
verify to False.

>>> requests.get('https://kennethreitz.com', verify=False)
<Response [200]>

If you’re using a third-party module and want to disable the checks, here’s a context manager that monkey patches requests and changes it so that verify=False is the default and suppresses the warning.

import warnings
import contextlib

import requests
from urllib3.exceptions import InsecureRequestWarning


old_merge_environment_settings = requests.Session.merge_environment_settings

@contextlib.contextmanager
def no_ssl_verification():
    opened_adapters = set()

    def merge_environment_settings(self, url, proxies, stream, verify, cert):
        # Verification happens only once per connection so we need to close
        # all the opened adapters once we're done. Otherwise, the effects of
        # verify=False persist beyond the end of this context manager.
        opened_adapters.add(self.get_adapter(url))

        settings = old_merge_environment_settings(self, url, proxies, stream, verify, cert)
        settings['verify'] = False

        return settings

    requests.Session.merge_environment_settings = merge_environment_settings

    try:
        with warnings.catch_warnings():
            warnings.simplefilter('ignore', InsecureRequestWarning)
            yield
    finally:
        requests.Session.merge_environment_settings = old_merge_environment_settings

        for adapter in opened_adapters:
            try:
                adapter.close()
            except:
                pass

Here’s how you use it: 

with no_ssl_verification():
    requests.get('https://wrong.host.badssl.com/')
    print('It works')

    requests.get('https://wrong.host.badssl.com/', verify=True)
    print('Even if you try to force it to')

requests.get('https://wrong.host.badssl.com/', verify=False)
print('It resets back')

session = requests.Session()
session.verify = True

with no_ssl_verification():
    session.get('https://wrong.host.badssl.com/', verify=True)
    print('Works even here')

try:
    requests.get('https://wrong.host.badssl.com/')
except requests.exceptions.SSLError:
    print('It breaks')

try:
    session.get('https://wrong.host.badssl.com/')
except requests.exceptions.SSLError:
    print('It breaks here again')

Note that this code closes all open adapters that handled a patched request once you leave the context manager. This is because requests maintains a per-session connection pool and certificate validation happens only once per connection so unexpected things like this will happen:

>>> import requests
>>> session = requests.Session()
>>> session.get('https://wrong.host.badssl.com/', verify=False)
/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py:857: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  InsecureRequestWarning)
<Response [200]>
>>> session.get('https://wrong.host.badssl.com/', verify=True)
/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py:857: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  InsecureRequestWarning)
<Response [200]>

More Related Contents:

  1. How can I see the entire HTTP request that’s being sent by my Python application?
  2. Requests (Caused by SSLError(“Can’t connect to HTTPS URL because the SSL module is not available.”) Error in PyCharm requesting website
  3. Python requests.exceptions.SSLError: EOF occurred in violation of protocol
  4. Python requests SSL error – certificate verify failed
  5. How to get response SSL certificate from requests in python?
  6. How to “log in” to a website using Python’s Requests module?
  7. Python Requests throwing SSLError
  8. Proxies with Python ‘Requests’ module
  9. Python Requests and persistent sessions
  10. Python requests – print entire http request (raw)?
  11. MaxRetryError: HTTPConnectionPool: Max retries exceeded (Caused by ProtocolError(‘Connection aborted.’, error(111, ‘Connection refused’)))
  12. How could I use requests in asyncio?
  13. Python Requests – No connection adapters
  14. python ignore certificate validation urllib2
  15. Using Python Requests: Sessions, Cookies, and POST
  16. Error when loading cookies into a Python request session
  17. Difference between data and json parameters in python requests package
  18. Only download a part of the document using python requests
  19. OpenSSL errors in python requests
  20. Python : Trying to POST form using requests
  21. Send http request through specific network interface
  22. parsing XML file gets UnicodeEncodeError (ElementTree) / ValueError (lxml)
  23. What is the difference between ‘content’ and ‘text’
  24. parse multipart/form-data, received from requests post
  25. python requests module and connection reuse
  26. How to get the raw content of a response in requests with Python?
  27. how to post multiple value with same key in python requests?
  28. Requests with multiple connections
  29. Unable to get local issuer certificate when using requests
  30. Sending SOAP request using Python Requests

Leave a Comment