When using the Python Requests library to make HTTPS requests, you may encounter an error like:
SSLError: [SSL] LOCAL_ISSUER_CERT_NOT_TRUSTED
This error means that the SSL certificate presented by the server is not trusted by your local system. There are a few things you can try to resolve this:
Check your Operating System's Trust Store
Most operating systems come with a default set of trusted SSL certificate authorities. However, occasionally these can get out of date. Try updating your OS and see if that resolves the issue:
Specify a Custom CA Bundle
If updating the OS doesn't help, the next step is to specify your own set of trusted CA certificates.
The Requests library allows you to pass in a custom CA bundle path:
resp = requests.get('https://example.com', verify='/path/to/ca/bundle')
You can often find up-to-date CA bundles online to use for this purpose.
Disable Certificate Verification
As a last resort, you can disable SSL certificate verification entirely:
resp = requests.get('https://example.com', verify=False)
However this removes security, so only use as a temporary measure.
Debugging SSL issues can be tricky! The key is to gradually narrow down the root cause - whether it's an OS issue, network configuration problem, or invalid certificate presented by the server you are accessing. Carefully going through these steps can help resolve these kinds of errors.