Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Current »

If a Python script run is returning an SSL Error like below:

ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)

it is likely due to the DEV or Production environment certificate not being accepted, then you need to follow the below steps to solve it.

  1. firstly you need to download the certificates from DEV by visiting https://ws-sandbox.midchains.com:8081/ and prod by visiting and https://ws.midchains.com:8081/ :

a. then click on the lock button:

b. and then choose the certificate button which will open the below menu:

c. from this menu choose the details tab and from Certificate Hierarchy export each certificate one by one:

d. after download all the certificates rename Builtin Object Token_Go Daddy Root Certificate Authority - G2 to root and Go Daddy Secure Certificate Authority - G2 to subroot.

2. after you downloaded all certificates , you have to use the below command in the terminal for every certificate to make it in proper installation format:

sudo openssl x509 -inform DER -in certificate.cer -out certificate.crt

3. Create a directory for extra CA certificates inĀ /usr/share/ca-certificates using the below command the terminal:

sudo mkdir /usr/share/ca-certificates/extra

4. then you have to move each certificate to the above directory, using the below command in the terminal for each certificate:

sudo cp root /usr/share/ca-certificates/extra/root.crt

5. the last step is you have to install each certificate one by one using the below command in the terminal :

sudo dpkg-reconfigure ca-certificates

which will open an interactive window inside the terminal like below:

choose yes and it will transfer you to the installation menu like below:

Press space on the keyboard to select all certificates in extra directory like above, and when you select the certificate there should be a star in the brackets before the certificate path like below:

[*] extra/root.crt

after select all certificates hit ok.

if the installation succeeded, it will give a response in the terminal that says:

3 added , 0 removed; done

To do this installation non-interactively, run the below command in the terminal :

sudo update-ca-certificates

and if it succeeded it should give the response below:

3 added , 0 removed; done

  • No labels