Solvedasyncpg SSL Certificate Verify Failed

  • 13.0:
  • 9.6.1:
  • Do you use a PostgreSQL SaaS? If so, which? Can you reproduce
    the issue with a local PostgreSQL install?
    Yes, Heroku.:
  • 3.6.3:
  • Windows 10:
  • Do you use pgbouncer? No:
  • Did you install asyncpg with pip? Yes:

I was getting the same issue as #119 . I enabled the ssl=True in the await asyncpg.create_pool(self.dsn, ssl=True) - and the same occurs with connect.

So then I used the SSL keyword param, and got ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777).

39 Answers

βœ”οΈAccepted Answer

Thanks, guys, here is what eventually works for me:

ctx = ssl.create_default_context(cafile='./rds-combined-ca-bundle.pem')
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
con = await asyncpg.connect(settings.DATABASE_URL, ssl=ctx)

Other Answers:

@imbolc I think there's little point in actually using the certificate if you disable verification (ctx.verify_mode = ssl.CERT_NOTE).

ctx = ssl.create_default_context(cafile='')
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
...
await asyncpg.create_pool(dns='...', ssl=ctx)

Work too

OK, so I went and created a test RDS instance to test. The following works perfectly for me:

import asyncio
import asyncpg
import os.path
import ssl


async def aws_ssl():
    ctx = ssl.create_default_context(
        cafile=os.path.join(os.path.dirname(__file__), 'rds-combined-ca-bundle.pem'))
    pool = await asyncpg.create_pool(
        host='asyncpg-test.cpa3bgqi3hfw.us-east-1.rds.amazonaws.com',
        user='postgres',
        database='test',
        password='***',
        ssl=ctx
    )

    async with pool.acquire() as conn:
        try:
            print(await conn.fetchval('SELECT 1'))
        finally:
            pass

if __name__ == '__main__':
    loop = asyncio.get_event_loop()
    loop.run_until_complete(aws_ssl())

Where rds-combined-ca-bundle.pem was downloaded from https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem

Related Issues:

10
asyncpg SSL Certificate Verify Failed
Thanks guys here is what eventually works for me: 13.0: 9.6.1: Do you use a PostgreSQL SaaS? If so ...
4
beast simple http client sync unstable
I found a work around how to reuse https socket Hello I took code from example of http_client_sync a...
96
fastapi WARNING: Unsupported upgrade request.
This error is not part of the FastAPI codebase When attempting to run this (using UviCorn) it starts...
74
hangups Error: invalid_scope from oauth2
Got a workaround here! Using one of the urls linked above you can get to a programmatic_auth url tha...
64
fastapi [QUESTION] How to bridge Pydantic models with SQLAlchemy?
I just finished integrating Pydantic ORM mode into FastAPI it is released as version 0.30.0 πŸŽ‰ The n...
61
python slack sdk SSL Certification error
This is sloved my problem.. Description I've built a bot in python 3.7 using a virtual engine ...
52
fastapi [QUESTION] How to send 204 response?
Instead of returning None and instead of injecting the response just return a newly created response...
43
gevent SSLContext infinite recursion in Python 3.6
Thanks The problem is that you're importing requests before you monkey patch You must monkey patch b...
42
fastapi OpenAPI UI not working properly when using automatic swagger-ui CDN (swagger-ui-3.30.1)
Thanks for reporting it and for all the discussion here everyone! πŸš€ β˜• Indeed it's a bug in Swagger ...
38
aiohttp "RuntimeError: Event loop is closed" when ProactorEventLoop is used
I found another solution for this problem if some still having issues with it This involves directly...
37
python socketio Emit from background thread in python
@djpimp2010 here is an example that works using a green thread or greenlet with eventlet as @miguelg...
34
fastapi [QUESTION] Is this the correct way to save an uploaded file ?
@classywhetten FastAPI has almost no custom logic related to UploadFile -- most of it is coming from...
34
fastapi [QUESTION] Storing object instances in the app context
@ebarlas you're 100% right Description In Flask ...
34
tortoise orm Migrations
Hey guys I'm excited to announce that now we have a migrate tool written by pure python and just for...
31
hangups Support for Google provided email accounts (i.e. myusername@myuniversity.edu)
Manual login process: Download and run this Python script It requires hangups to be installed Open t...
30
fastapi [QUESTION] aiohttp integration best practice
That is one way if you want create a new session for every request You can also use a singleton appr...
26
fastapi logs with FastAPI and Uvicorn
Doing : is exactly what I was looking for ! Thank you dbanty. Hello Thanks for FastAPI easy to use i...
22
core mobile_app generated webhook error
Pascal has some thoughts It's probably related to the client breaking the connection while sensor st...
22
fastapi [QUESTION] Client Credentials Flow openAPI UI
I think I found the solution for others looking to implement the code - tiangolo has already enabled...
21
sanic sanic.exceptions.RequestTimeout: Request Timeout
I've been seeing this error behaviour with every Sanic app I've written in the last month or two ...
21
python slack sdk Jupyter lab - "RuntimeError: Cannot run the event loop while another loop is running"
I'm running into similar issues in Jupyter notebooks with no clear workaround It seems that the defa...
21
fastapi FastAPI 0.65.2 POST request fails with "value is not a valid dict" when using the Requests library; 0.65.1 works (with a caveat)
Can confirm this still happens! We solved it by adding a -H Content-Type: application/json to the cu...
20
sanic Blueprint middleware applied globally
To add my two cents: While it might be beneficial to apply middleware registered on a blueprint glob...
19
core Home Assistant UI not starting fully in 0.83
@timstanley1985 Thanks for the info After upgrade configuration.yaml from: to: Home-Assistant works ...
19
fastapi [QUESTION] Using pydantic models for GET request query params? Currently not possible, have to use dataclasses or normal classes.
@LasseGravesen You would do it like this: Check the docs here: https://fastapi.tiangolo.com/tutorial...
18
aiohttp ssl.SSLError: [SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2605)
For those looking for a work-around to at least silence these exceptions: the traceback seen is outp...
18
python slack sdk ImportError: No module named slackclient
@NathanSepulveda πŸ‘‹ I may be able to help! β›‘ It seems like you're attempting to use the name slackcl...
18
fastapi [QUESTION] about threads issue with fastapi.
Hello Hi I have a question about the threads issue with fastapi ...
17
core After HA upgrade to 0.115.0b8, yeelights entities are not available
I create a PR (#40251) to fix this issue Sorry for the inconvenience We'll try to merge and release ...
17
python socketio AttributeError: module 'socketio' has no attribute 'Client'
@miguelgrinberg I see what happened I opened https://python-socketio.readthedocs.io/en/latest/intro....
16
core MYQ API Issue
So how do you do that if you are running the hassio image which doesn't have that path in the docker...
15
core recorder doesn't support MariaDB in Docker - error "No module named 'pymysql'"
It's really frustrating and I really can't understand why is this not included in the official image...
15
python socketio AttributeError: 'module' object has no attribute 'Server'
What module did you install? This package is under python-socketio in the package repository. ...
15
fastapi [FEATURE] support for rate-limit
I've taken a stab at adapting flask-limiter to starlette and FastAPI Is your feature request related...
14
fastapi [QUESTION] How can I serve static files (html, js) easily?
Hi in case a solution is still needed though the issue is closed Description How can I serve static ...
14
fastapi Using UploadFile and Pydantic model in one request
Oups sorry I forgot I made custom validator to transform str to json for Model: ...
13
httpx Community discussion
I believe beyond technical details we should establish a new PSF Work Group for HTTP to better acqui...
13
python slack sdk Upload a file
FWIW I'm using slackclient 1.0.9 and I just successfully used the following code to upload a file vi...
13
fastapi How can I pass the configuration in the app?
Is the example I posted above not clear enough? Without going into all the nuances of everything my ...
12
python slack sdk RFC: Python Slack Client v2.0
@ovv Thanks for reading and being the first to comment on this issue The current plan is to continue...
12
fastapi [BUG] openapi.json fails to be generated for nested models
oups sorry I think your mistake is putting response_model=SimilarProducts in the wrong spot it's in ...
11
core Why do you restart Home Assistant?
Ones I am working though I use these... People talk about how they want to have the Home Assistant r...
11
python socketio Invalid async_mode specified
It works!!! I add 'engineio.async_gevent' to hiddenimports in spec file very very grateful for your ...
11
sanic Update default json library
I must admit I am not familiar with orjson but the project does look promising However ...
11
fastapi Debug Logging (Maybe just a n00b issue)
ok so basically I'm using this in a applog package you use it wherever your entrypint is this way sh...
11
fastapi [QUESTION] How ot handle generic text.plain POST requests
@CockyAmoeba tl;dr: Body(...) means a body parameter that is required The first argument to Body For...
11
fastapi [QUESTION] Use UploadFile in Pydantic model
Thanks a lot for your helpful comment So I guess I'd have to explicitly separate the file from the J...
11
fastapi [BUG] Use third party class as property in pydantic schema
I'm using the solution proposed by @tiangolo up above just I preferred doing this: this way I can ei...
9
core Log gets filled with debug messages from fritzconnection
Please add the following lines to your configuration.yaml: and report back Simone ...
8
core LG webostv if TV is OFF when HA start, loss possibility to turn ON
Summary of problem: A unique_id property was added to the media_player entity which allows it to use...