When developing using the corporate network, I get caught in various traps such as Proxy.
The other day, when I tried to use a certain module in Python, the SSL server certificate verification failed in requests inside the module, and requests.exceptions.SSLError occurred.
Normally, to disable SSL server certificate validation with requests, write:
requests.get("https://www.google.com", verify=False)
However, this method requires code modification and cannot be used for requests inside the module.
After investigating, I found a way to hack the following requests, so I will introduce it.
Set the environment variable CURL_CA_BUNDLE to an empty string.
import os
os.environ['CURL_CA_BUNDLE'] = ''
requests has the process of overwriting verify with the environment variables CURL_CA_BUNDLE and REQUESTS_CA_BUNDLE as follows. Hack this to make verify`` False.
requests/session.py
if verify is True or verify is None:
verify = (os.environ.get('REQUESTS_CA_BUNDLE') or
os.environ.get('CURL_CA_BUNDLE'))
Instead of actually making it False, make it an empty string that evaluates to False. The reason why None, which is also evaluated as False, is useless and is an empty string is that None will be overwritten with True later.
To briefly explain how Python's ʻor works, ʻA or B returns ʻA when ʻA == True and B when ʻA == False`. Therefore
>>> None or None
None
>>> '' or None
None
>>> None or ''
''
It will be. You can use this to set the environment variable CURL_CA_BUNDLE to an empty string and make verify an empty string, that is, False.
Recommended Posts