13,724 questions
'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
Hi, I'm following the tutorial: https://learn.microsoft.com/en-us/graph/tutorials/python-app-only?tabs=aad
I have added certificates to my config file but when I run it I'm getting the following exception. I have double check the credentials but can not understand what might be failing.
azure.core.exceptions.ServiceRequestError: Cannot connect to host login.microsoftonline.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')]
Unclosed client session
client_session: <aiohttp.client.ClientSession object at Python Graph App-Only Tutorial
Please choose one of the following options:
0. Exit
1. Display access token
2. List users
3. Make a Graph call
1
ClientSecretCredential.get_token failed: Cannot connect to host login.microsoftonline.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')]
Traceback (most recent call last):
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/aiohttp/connector.py", line 1043, in _wrap_create_connection
return await self._loop.create_connection(*args, **kwargs, sock=sock)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/asyncio/base_events.py", line 1112, in create_connection
transport, protocol = await self._create_connection_transport(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/asyncio/base_events.py", line 1145, in _create_connection_transport
await waiter
File "/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/asyncio/sslproto.py", line 575, in _on_handshake_complete
raise handshake_exc
File "/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/asyncio/sslproto.py", line 557, in _do_handshake
self._sslobj.do_handshake()
File "/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/ssl.py", line 979, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/transport/_aiohttp.py", line 303, in send
result = await self.session.request( # type: ignore
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/aiohttp/client.py", line 648, in _request
conn = await self._connector.connect(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/aiohttp/connector.py", line 546, in connect
proto = await self._create_connection(req, traces, timeout)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/aiohttp/connector.py", line 954, in _create_connection
_, proto = await self._create_direct_connection(req, traces, timeout)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/aiohttp/connector.py", line 1313, in _create_direct_connection
raise last_exc
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/aiohttp/connector.py", line 1282, in _create_direct_connection
transp, proto = await self._wrap_create_connection(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/aiohttp/connector.py", line 1045, in _wrap_create_connection
raise ClientConnectorCertificateError(req.connection_key, exc) from exc
aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host login.microsoftonline.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')]
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/Users/rubencontesti/Code/email_db/test_python_app_only.py", line 59, in <module>
asyncio.run(main())
File "/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/asyncio/runners.py", line 190, in run
return runner.run(main)
^^^^^^^^^^^^^^^^
File "/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/asyncio/runners.py", line 118, in run
return self._loop.run_until_complete(task)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/asyncio/base_events.py", line 653, in run_until_complete
return future.result()
^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/test_python_app_only.py", line 34, in main
await display_access_token(graph)
File "/Users/rubencontesti/Code/email_db/test_python_app_only.py", line 47, in display_access_token
token = await graph.get_app_only_token()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/test_python_app_only_graph.py", line 22, in get_app_only_token
access_token = await self.client_credential.get_token(graph_scope)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/identity/aio/_internal/get_token_mixin.py", line 93, in get_token
token = await self._request_token(
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/identity/aio/_credentials/client_secret.py", line 67, in _request_token
return await self._client.obtain_token_by_client_secret(scopes, self._secret, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/identity/aio/_internal/aad_client.py", line 49, in obtain_token_by_client_secret
return await self._run_pipeline(request, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/identity/aio/_internal/aad_client.py", line 93, in _run_pipeline
response = await self._pipeline.run(request, retry_on_methods=self._POST, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/_base_async.py", line 219, in run
return await first_node.send(pipeline_request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/_base_async.py", line 68, in send
response = await self.next.send(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/_base_async.py", line 68, in send
response = await self.next.send(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/_base_async.py", line 68, in send
response = await self.next.send(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[Previous line repeated 1 more time]
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/policies/_retry_async.py", line 206, in send
raise err
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/policies/_retry_async.py", line 180, in send
response = await self.next.send(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/_base_async.py", line 68, in send
response = await self.next.send(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/_base_async.py", line 68, in send
response = await self.next.send(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/_base_async.py", line 68, in send
response = await self.next.send(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[Previous line repeated 1 more time]
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/_base_async.py", line 104, in send
await self._sender.send(request.http_request, **request.context.options),
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/rubencontesti/Code/email_db/venv_email_db/lib/python3.11/site-packages/azure/core/pipeline/transport/_aiohttp.py", line 348, in send
raise ServiceRequestError(err, error=err) from err
azure.core.exceptions.ServiceRequestError: Cannot connect to host login.microsoftonline.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')]
Unclosed client session
client_session: <aiohttp.client.ClientSession object at 0x103b87690>
Microsoft Security | Microsoft Graph
Sign in to answer