python easy_install fails with SSL certificate error for all packages
your curl cert is too old try to download new curl cert:
sudo wget http://curl.haxx.se/ca/cacert.pem -O /etc/pki/tls/certs/ca-bundle.crt
I found this page after looking for a solution to this problem. In case someone else has similar problem, the solution I found is:
At the start of the setuptools/ssl_support.py
file (which is used by easy_install, and is inside the egg file: ./lib/python2.7/site-packages/setuptools-3.5.1-py2.7.egg
), the certificate bundles files are hard-coded in cert_paths
variable:
cert_paths = """
/etc/pki/tls/certs/ca-bundle.crt
/etc/ssl/certs/ca-certificates.crt
/usr/share/ssl/certs/ca-bundle.crt
/usr/local/share/certs/ca-root.crt
...etc..
"""
easy_install
will use the first file that exists from this list, as it calls find_ca_bundle
. If certificates in this cert bundle file are out of date, then easy_install will fail with this SSL error. So need to either update the certificate file or change the cert_paths
in this ssl_support.py
file, to point to a local up-to-date certs bundle file.
I have seen this problem in a specific environment: Mac OS X with macports, installing packages in user's local path. The solution was to install the certificates from curl:
port install curl-ca-bundle
Btw, until you don't have the ceritificates, most of the port
, easy_install
and pip
commands will fail because the ssl error.