SSL InsecurePlatform error when using Requests package
Requests 2.6 introduced this warning for users of python prior to 2.7.9 with only stock SSL modules available.
Assuming you can't upgrade to a newer version of python, this will install more up-to-date python SSL libraries:
pip install --upgrade ndg-httpsclient
HOWEVER, this may fail on some systems without the build-dependencies for pyOpenSSL. On debian systems, running this before the pip command above should be enough for pyOpenSSL to build:
apt-get install python-dev libffi-dev libssl-dev
I don't use this in production, just some test runners. And to reiterate the urllib3 documentation
If you know what you are doing and would like to disable this and other warnings
import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()
Edit / Update:
The following should also work:
import logging
import requests
# turn down requests log verbosity
logging.getLogger('requests').setLevel(logging.CRITICAL)
Use the somewhat hidden security feature:
pip install requests[security]
or
pip install pyOpenSSL ndg-httpsclient pyasn1
Both commands install following extra packages:
- pyOpenSSL
- cryptography
- idna
Please note that this is not required for python-2.7.9+.
If pip install
fails with errors, check whether you have required development packages for libffi
, libssl
and python
installed in your system using distribution's package manager:
Debian/Ubuntu -
python-dev
libffi-dev
libssl-dev
packages.Fedora -
openssl-devel
python-devel
libffi-devel
packages.
Distro list above is incomplete.
Workaround (see the original answer by @TomDotTom):
In case you cannot install some of the required development packages, there's also an option to disable that warning:
import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()
If your pip
itself is affected by InsecurePlatformWarning
and cannot install anything from PyPI, it can be fixed with this step-by-step guide to deploy extra python packages manually.