TkinterWeb icon indicating copy to clipboard operation
TkinterWeb copied to clipboard
verified publisher icon Andereoo

SSL CERTIFICATE_VERIFY_FAILED

Open cotacote opened this issue 4 years ago • 2 comments

Hello ! :)

Source code snippet :

import tkinter as tk
from tkinterweb import HtmlFrame #import the HTML browser

root = tk.Tk() #create the tkinter window
frame = HtmlFrame(root) #create the HTML browser
frame.load_website("https://www.google.com") #load a website
frame.pack(fill="both", expand=True) #attach the HtmlFrame widget to the parent window
root.mainloop()

Error :

An error has been encountered while loading https://www.google.com: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)>.

Environement :

macOS Catalina 
python 3.9.10
tkinterweb 3.10

Maybe you should use the ssl._create_unverified_context() from ssl package. For example, your file utilities.py becomes(start at line 628):

un_verified_context = ssl._create_unverified_context()
if data and (method == "POST"):
      req = urlopen(Request(url, data, headers=HEADER), context=un_verified_context)
else:
      req = urlopen(Request(url, headers=HEADER), context=un_verified_context)

I'm not sure that is the best solution but it should works! 👍

cotacote avatar Jan 22 '22 00:01 cotacote

Hello!

Thank you for letting me know about this. Unfortunately I cannot reproduce it on my end. Do you get this error message on all websites, or just Google?

Regarding your fix, I really appreciate your input on this. If I need to add it in, I will, but I am a little bit worried about creating unverified contexts. It is a bit of a security issue. I might add a setting to turn it off or something at least.

I did a bit of digging and found that Python on some newer Mac systems comes installed with no certificates. Try pip install certifi and let me know if this issue persists.

Thanks!

Andereoo avatar Jan 22 '22 14:01 Andereoo

@cotacote did running pip install certifi solve the issue?

Andereoo avatar Mar 30 '22 16:03 Andereoo

I am currently trying to use tkinterweb to connect to insecure web servers that i am unable to resolve the certificate errors on. Do you have any plans on adding a way to bypass the certificate error?

Thank you

gary7852 avatar Jun 22 '23 23:06 gary7852

Hi! Did you try installing certifi? I'm away for the summer and don't have access to a computer, but I will look into this in September when I return. I hope this isn't too much of a nuisance.

Andereoo avatar Jul 06 '23 11:07 Andereoo

Hi @cotacote, I believe that we have found a workaround for this issue. If installing certifi doesn't work, you can now disable the checking of certificates by adding insecure=True when calling load_url or load_website. Thanks @TRVRStash for the workaround!

Let me know if this works!

Andereoo avatar Oct 31 '23 13:10 Andereoo