Python / Python

Python SSL: certificate verify failed

Fix Python SSL certificate verification failures in pip, requests, urllib, and API clients.

General troubleshooting guidance Last updated May 10, 2026 0 sources Needs local verification

Category: Python
Error signature: SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
Quick fix: Update certifi and your system certificates, then retry the Python command.
Updated: May 10, 2026
Verification status: General troubleshooting guidance
Evidence: 0 public source URLs

Before you change production

This page does not expose source URLs in the page body. Treat it as general troubleshooting guidance and verify against official documentation before changing systems.

Reproduce the smallest failing action and save non-secret logs before changing configuration.
Check versions for Python, related SDKs, package managers, CI runners, and hosting providers.
Change one setting or dependency at a time, then rerun the same failing command or request.
Avoid destructive commands, credential rotation, billing changes, or security relaxations without a rollback plan.

What this error means

Python raised CERTIFICATE_VERIFY_FAILED because it could not build a trusted TLS certificate chain for the server it contacted.

Common causes

The local CA bundle is outdated.
A proxy or antivirus tool intercepts HTTPS traffic with a custom certificate.
The server certificate is expired, incomplete, or issued for a different hostname.
Your machine clock is wrong, making a valid certificate appear expired or not yet valid.

Quick fixes

Upgrade Python certificate packages:

   python -m pip install --upgrade pip certifi

Check your system date and time.
If you are on a corporate network, install the organization root certificate through the approved system process.
Retry the command.

Step-by-step troubleshooting

Identify whether the failure happens in pip, requests, urllib, or a specific SDK.
Visit the target URL in a browser and inspect the certificate chain.
Run the command from a different network to check whether a proxy is involved.
Update operating system certificate bundles.
Configure the client to use the correct trusted CA bundle instead of disabling verification.

Diagnostic flow for this page

Match SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed exactly before applying the quick fix.
Compare the failing environment with Python versions, account scope, provider settings, and deployment context.
Check the listed common causes in order, starting with the cause that best matches your logs.
Use the evidence status below to decide whether to confirm against public sources or official documentation.
Apply one reversible change, rerun the smallest failing action, and keep rollback notes.

FAQ

What does SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed mean in Python?

SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed indicates the workflow described by "Python SSL: certificate verify failed" failed in a Python context. Start by confirming the exact signature and the component that emitted it.

What should I check first for SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed?

Check whether this cause matches your environment: Outdated certificate authority bundle

Is the SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed guidance source-backed?

The "Python SSL: certificate verify failed" page is labeled general troubleshooting guidance. It has no public source URLs in the current Markdown record, so use that evidence status when deciding how much additional verification you need.

When should I avoid the quick fix for SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed?

For "Python SSL: certificate verify failed", avoid applying "Update certifi and your system certificates, then retry the Python command." when the error text differs, the affected version or provider is different, or the change would touch credentials, billing, DNS, production deploy settings, or irreversible data.

What should I collect before debugging SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed?

For "Python SSL: certificate verify failed", collect the failing Python command or request, non-secret configuration, versions, timestamps, request IDs when available, and the smallest reproduction that still triggers the signature.