Pip Install – SSL Error: Certificate_Verify_Failed

If you are trying to install some Python package using the pip install command and pip fails to verify the SSL certificate, you may receive the error as follows:

Could not fetch URL https://pypi.org/…/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host=’pypi.org’, port=443): Max retries exceeded with url: /…/ (Caused by SSLError(SSLCertVerificationError(1, ‘[ SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: … – skipping

If there is a problem with confirming the SSL certificate of a repository, you can add it as a --trusted-host that will make pip ignore the SSL certificate check for this repository.

Cool Tip: How to install specific version of a package using pip! Read More →

Pip Install – Ignore SSL Certificate

Warning: Adding the repositories to the trusted sources disables SSL certificate verification and exposes a vulnerability to a man-in-the-middle attack.

To configure pip to ignore SSL certificate verification, add the required repositories to the trusted sources, for example:

$ pip install --trusted-host pypi.org \
              --trusted-host files.pythonhosted.org \

The trusted hosts can also be added to the config file:

# pip.ini (Windows)
# pip.conf (Unix, macOS)

trusted-host = pypi.org

One Reply to “Pip Install – SSL Error: Certificate_Verify_Failed”

  1. In my case, the root caused turned out to be an incorrect system date, which happened to be out of the certificate validity date range at the time of executing pip. This is related to the SSL library and not pip itself. Thus a simple wget or curl call to the offending URL will duplicate the issue.

    Of course, I was also able to work around the issue quickly with –trusted-host

    In general, this might be a common case with working with SBC like RasberryPi/BeagleBone or any other system where a real-time clock (RTC) is not present out of the box. So lesson learned: Use NTP for to keep system time up-to-date whenever possible.

Leave a Reply