Skip to content Skip to sidebar Skip to footer
Home / Amazon Web Services / Boto / Python

When I Use Python Boto Connect To Aws Ec2 , It Show Sslerror: [ssl: Certificate_verify_failed] Certificate Verify Failed (_ssl.c:661)

Post a Comment
I'm using Windows 10 OS. I want to count the number of IP Address of AWS. I use python 2.7.14 and boto 2.6.0 I add a file which name is boto.config locate C:\Users\Administrator f

Solution 1:

I was having same issue with boto3 and Python 3.7 on Windows 10 machine. As it turned out, since I was using corporate device with Proxy installed, *.amazonaws.com certificate was getting replaced by the Proxy certificate. This Proxy certificate chain needed to be trusted by Python certifi module. Whether or not, you have a proxy, below method should resolve SSL: CERTIFICATE_VERIFY_FAILED error.

Here is what I did, to resolve the issue -

  1. Find the path where cacert.pem is located -

Install certifi, if you don't have. Command: pip install certifi

import certifi
certifi.where()
C:\\Users\\[UserID]\\AppData\\Local\\Programs\\Python\\Python37-32\\lib\\site-packages\\certifi\\cacert.pem

  1. Set AWS_CA_BUNDLE environment variable to the cacert.pem path -

    AWS_CA_BUNDLE=C:\Users\[UserID]\AppData\Local\Programs\Python\Python37-32\Lib\site-packages\certifi\cacert.pem

  2. Download the chain of certificates from amazonaws.com URL. For example: Go to https://sts.amazonaws.com/xyz on a browser and export Root, all the intermediate certificates, domain cert and save as base64 encoded .cer file. Open the certificates in notepad, copy all the contents.

  3. Now open the cacert.pem in a notepad and just add every downloaded certificate contents (---Begin Certificate--- *** ---End Certificate---) at the end.

Restart the command line prompt or PowerShell, SSL verification error should be resolved.

Do not useis_secure = False in your organization's envrionments. This is essentially disabling SSL verification.

Solution 2:

Try adding is_secure = False like below, in order to skip ssl verification,

conn = boto.ec2.connect_to_region('cn-north-1',is_secure=False)

Try providing the credentials as so, that way you would know if the keys in boto config are old if this works, and if this returns the same issue then you need to check your api-key and secret on aws.

API_KEY = 'Actual API_KEY'API_SECRET = 'Actual Secret'conn = boto.ec2.connect_to_region('us-east-2',aws_access_key_id=API_KEY,aws_secret_access_key=API_SECRET,is_secure=False)

You may like these posts

Post a Comment for "When I Use Python Boto Connect To Aws Ec2 , It Show Sslerror: [ssl: Certificate_verify_failed] Certificate Verify Failed (_ssl.c:661)"