我对Python非常陌生,并试图在Windows 7上安装链接检查器。一些注意事项:

pip install is failing no matter the package. For example, > pip install scrapy also results in the SSL error. Vanilla install of Python 3.4.1 included pip 1.5.6. The first thing I tried to do was install linkchecker. Python 2.7 was already installed, it came with ArcGIS. python and pip were not available from the command line until I installed 3.4.1. > pip search linkchecker works. Perhaps that is because pip search does not verify the site's SSL certificate. I am in a company network but we do not go through a proxy to reach the Internet. Each company computer (including mine) has a Trusted Root Certificate Authority that is used for various reasons including enabling monitoring TLS traffic to https://google.com. Not sure if that has anything to do with it.

下面是运行pip install linkchecker后我的pip.log的内容:

Downloading/unpacking linkchecker
  Getting page https://pypi.python.org/simple/linkchecker/
  Could not fetch URL https://pypi.python.org/simple/linkchecker/: connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)
  Will skip URL https://pypi.python.org/simple/linkchecker/ when looking for download links for linkchecker
  Getting page https://pypi.python.org/simple/
  Could not fetch URL https://pypi.python.org/simple/: connection error: HTTPSConnectionPool(host='pypi.python.org', port=443): Max retries exceeded with url: /simple/ (Caused by <class 'http.client.CannotSendRequest'>: Request-sent)
  Will skip URL https://pypi.python.org/simple/ when looking for download links for linkchecker
  Cannot fetch index base URL https://pypi.python.org/simple/
  URLs to search for versions for linkchecker:
  * https://pypi.python.org/simple/linkchecker/
  Getting page https://pypi.python.org/simple/linkchecker/
  Could not fetch URL https://pypi.python.org/simple/linkchecker/: connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)
  Will skip URL https://pypi.python.org/simple/linkchecker/ when looking for download links for linkchecker
  Could not find any downloads that satisfy the requirement linkchecker
Cleaning up...
  Removing temporary dir C:\Users\jcook\AppData\Local\Temp\pip_build_jcook...
No distributions at all found for linkchecker
Exception information:
Traceback (most recent call last):
  File "C:\Python34\lib\site-packages\pip\basecommand.py", line 122, in main
    status = self.run(options, args)
  File "C:\Python34\lib\site-packages\pip\commands\install.py", line 278, in run
    requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
  File "C:\Python34\lib\site-packages\pip\req.py", line 1177, in prepare_files
    url = finder.find_requirement(req_to_install, upgrade=self.upgrade)
  File "C:\Python34\lib\site-packages\pip\index.py", line 277, in find_requirement
    raise DistributionNotFound('No distributions at all found for %s' % req)
pip.exceptions.DistributionNotFound: No distributions at all found for linkchecker

当前回答

您可以通过以下方法解决CERTIFICATE_VERIFY_FAILED问题:

Use HTTP instead of HTTPS (e.g. --index-url=http://pypi.python.org/simple/). Use --cert <trusted.pem> or CA_BUNDLE variable to specify alternative CA bundle. E.g. you can go to failing URL from web-browser and import root certificate into your system. Run python -c "import ssl; print(ssl.get_default_verify_paths())" to check the current one (validate if exists). OpenSSL has a pair of environments (SSL_CERT_DIR, SSL_CERT_FILE) which can be used to specify different certificate databasePEP-476. Use --trusted-host <hostname> to mark the host as trusted. In Python use verify=False for requests.get (see: SSL Cert Verification). Use --proxy <proxy> to avoid certificate checks.

阅读更多:TLS/SSL包装套接字对象-验证证书。

其他回答

只是把这个放在这里,因为我没有看到其他人提到它。

你可以像这样设置全局可信主机为pip:

py -m pip config set global.trusted-host pypi.org

最重要的是,它将返回放置pip.ini/pip.conf的正确位置

在64位Windows 7企业版上尝试使用ActivePython 2.7.8、ActivePython 3.4.1和“库存”Python 3.4.2安装pip ftputil时遇到同样的问题。所有尝试都失败了,错误与OP相同。

通过降级到pip 1.2.1来解决Python 3.4.2的问题:easy_install pip==1.2.1(参见https://stackoverflow.com/a/16370731/234235)。同样的修复也适用于ActivePython 2.7.8。

2013年3月报告的这个漏洞仍然存在:https://github.com/pypa/pip/issues/829。

在我的情况下,这是由于SSL证书是由我公司的内部CA签署的。使用像pip——cert这样的变通方法并没有帮助,但是下面的包可以:

pip install pip_system_certs

参见:https://pypi.org/project/pip-system-certs/

这个包修补pip并在运行时请求使用来自默认系统存储的证书(而不是捆绑的certs ca)。 这将允许pip验证tls/ssl连接到您的系统安装信任的服务器。

我对pip 21.0.1有这个问题,没有一个答案对我有效。一些人通过降低pip版本来解决这个问题。

如果在2021年你仍然有这个问题,我确实降级到pip 20.2.4,现在它起作用了。

如果您的系统中缺少某些证书,则可能会遇到此问题。在opensuse上安装ca-certificates-mozilla