Conda - SSL CERTIFICATE_VERIFY_FAILED
Command:
conda create -p venv python==3.10 conda update conda
Error Messages:
1
Exception: HTTPSConnectionPool(host='repo.anaconda.com', port=443): Max retries exceeded with url: /pkgs/main/osx-arm64/repodata.json.zst (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')))
System Configuration:
- Operating System: MacOS
What steps resulted in this error?
- Creating an virtual environment using Conda:
1
conda create -p venv python==3.10
What does this error mean?
- This error means that there was a timeout while trying to reach the repo.anaconda.com server.
Why did this error occur?
- The SSL certificate verification process has failed because the local system could not verify the certificate of the server.
- This is a common issue when using corporate networks or private certificates that are not included in the default certificate store.
Solution
- Follow the below steps to resolve the issue:
- Obtain the Corporate Certificate:
- Ensure you have the corporate certificate file, typically with a .crt or .pem extension.
- Locate the Conda Environment Directory:
- Find the Conda environment directory where you need to add the certificate. You can use the following command to get the base environment directory:
1
conda info --base
- Find the Conda environment directory where you need to add the certificate. You can use the following command to get the base environment directory:
- Copy the Corporate Certificate to Conda Environment:
- Copy your corporate certificate to the Conda environment’s ssl directory. Assuming your Conda base environment is in /Users/your-username/anaconda3, you would do something like this:
1
cp /path/to/your/corporate_certificate.crt /Users/your-username/anaconda3/ssl/certs/
- Copy your corporate certificate to the Conda environment’s ssl directory. Assuming your Conda base environment is in /Users/your-username/anaconda3, you would do something like this:
Create the directory /anaconda3/ssl/certs/ if it does not exist.
- Configure Conda to Use the Corporate Certificate:
- Conda needs to be configured to recognize and use the certificate for SSL connections. Set the environment variable REQUESTS_CA_BUNDLE to the path of the certificate:
1
export REQUESTS_CA_BUNDLE=/Users/your-username/anaconda3/ssl/certs/corporate_certificate.crt
- Conda needs to be configured to recognize and use the certificate for SSL connections. Set the environment variable REQUESTS_CA_BUNDLE to the path of the certificate:
- Persist the Configuration:
- To make sure the configuration is persistent across shell sessions, add the environment variable to your shell profile (e.g., .zshrc, .bashrc, or .bash_profile):
1 2
echo 'export REQUESTS_CA_BUNDLE=/Users/your-username/anaconda3/ssl/certs/corporate_certificate.crt' >> ~/.zshrc source ~/.zshrc
- To make sure the configuration is persistent across shell sessions, add the environment variable to your shell profile (e.g., .zshrc, .bashrc, or .bash_profile):
- Verify the Configuration:
- Ensure the environment variable is set correctly:
1
echo $REQUESTS_CA_BUNDLE
- Ensure the environment variable is set correctly:
- Test the Conda Commands:
- Try running a Conda command to verify if the setup works correctly:
1
conda update conda
- Try running a Conda command to verify if the setup works correctly:
This post is licensed under CC BY 4.0 by the author.