如何解决InsecureRequestWarning

InsecureRequestWarning报错信息

/usr/local/lib/python2.7/site-packages/requests-2.4.0-py2.7.egg/requests/packages/urllib3/connectionpool.py:730: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html (This warning will only appear once by default.)

InsecureRequestWarning)

不要使用verify=False

或者requests.packages.urllib3.disable_warnings()

不要忽视警告

正确的做法

参考

https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

https://urllib3.readthedocs.io/en/latest/user-guide.html#ssl

insecurerequestwarning in python urllib3 requests

安装证书进行Certificate verification

It is highly recommended to always use SSL certificate verification.By default, urllib3 does not verify HTTPS requests.

In order to enable verification you will need a set of root certificates. The easiestand most reliable method is to use thecertifi package which provides Mozilla’s root certificate bundle:

pip install certifi

安装几个包

pip install cryptography

pip install pyOpenSSL

pip install certifi

什么是Certifi

Trust Database for Humans

Certifi is a carefully curated collection of Root Certificates forvalidating the trustworthiness of SSL certificates while verifying theidentity of TLS hosts. It has been extracted from theRequests project.

The internet is an untrusted place. Every HTTP request you make should haveverification on by default. This happens every time you access a website withyour web browser, without any knowledge to the user — there’s no reason yourcode should be any different.

Certifi is here to make this possible.