skip to Main Content

Environmernt:

Digital Ocean Droplet – Ubuntu 20.04.2 LTS.

Certbot – manage certificated on NGINX

Python:3.10 running in docker container

Nature of error:
On making any request whether I get the SSL: CERTIFICATE_VERIFY_FAILED.
But in a case where my request fails I get a proper 400 error message from the server.

Error: (In this case I’m trying to register)

Internal Server Error: /auth/register/
Traceback (most recent call last):
  File "/usr/local/lib/python3.10/site-packages/django/core/handlers/exception.py", line 54, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.10/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.10/contextlib.py", line 79, in inner
    return func(*args, **kwds)
  File "/usr/local/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 55, in wrapper_view
    return view_func(*args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/django/views/generic/base.py", line 104, in view
    return self.dispatch(request, *args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/rest_framework/views.py", line 509, in dispatch
    response = self.handle_exception(exc)
  File "/usr/local/lib/python3.10/site-packages/rest_framework/views.py", line 469, in handle_exception
    self.raise_uncaught_exception(exc)
  File "/usr/local/lib/python3.10/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception
    raise exc
  File "/usr/local/lib/python3.10/site-packages/rest_framework/views.py", line 506, in dispatch
    response = handler(request, *args, **kwargs)
  File "/app/apps/core/views.py", line 45, in post
    data = UserService.register_user(email=email, serializer=serializer)
  File "/app/apps/core/services/registration.py", line 13, in register_user
    MailerClass.send_email(data)
  File "/app/apps/core/utils.py", line 20, in send_email
    email.send()
  File "/usr/local/lib/python3.10/site-packages/django/core/mail/message.py", line 298, in send
    return self.get_connection(fail_silently).send_messages([self])
  File "/usr/local/lib/python3.10/site-packages/django/core/mail/backends/smtp.py", line 125, in send_messages
    new_conn_created = self.open()
  File "/usr/local/lib/python3.10/site-packages/django/core/mail/backends/smtp.py", line 90, in open
    self.connection.starttls(context=self.ssl_context)
  File "/usr/local/lib/python3.10/smtplib.py", line 790, in starttls
    self.sock = context.wrap_socket(self.sock,
  File "/usr/local/lib/python3.10/ssl.py", line 513, in wrap_socket
    return self.sslsocket_class._create(
  File "/usr/local/lib/python3.10/ssl.py", line 1071, in _create
    self.do_handshake()
  File "/usr/local/lib/python3.10/ssl.py", line 1342, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)

Error for a failed request: (In this case I’m trying to login with a wrong email)

{
  "email": [
    "email does not exist"
  ]
}

I tried reinstalling the certificate with certbot but the issue persists.

Note: This same endpoints worked properly until i added a second domain to certbot

2

Answers


  1. Can’t post commentary yet so I’ll just do that here, I ran into the same problem not a long time ago. If you are working in a compagny, it is possible that they are blocking it (mine was using Zscaler). You could also check for your accepted certificates on your PC.
    If it is none of those, here’s a link to someone who ran in almost the same issue : '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)')))

    Login or Signup to reply.
  2. It appears that a valid certificate which should be signed from a trusted CA is missing or certificate is self-signed or signed from the CA where CA chain is not trusted. You need to add that root or self-signed certificate in the trust store of the client.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search