0

I'm creating a telegram bot using python which gets data from APIs (I'm using requests and http.client). It used to work since yesterday. Now I get this error. I search on google and found that it may be some of my certificate. I followed some of the answers I found which told me to download and install a new certificate but it didn't work. Here is what I get when I run my .py code. Do you have an idea of what is the issue and how I can solve it?

Traceback (most recent call last):
  File "C:\Users\33652\Documents\Github\Telegram-bot\test.py", line 10, in <module>
    conn.request("GET", "/games?date=2019-11-23", headers=headers)
  File "C:\Users\33652\anaconda3\envs\telegram\lib\http\client.py", line 1253, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "C:\Users\33652\anaconda3\envs\telegram\lib\http\client.py", line 1299, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "C:\Users\33652\anaconda3\envs\telegram\lib\http\client.py", line 1248, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "C:\Users\33652\anaconda3\envs\telegram\lib\http\client.py", line 1008, in _send_output
    self.send(msg)
  File "C:\Users\33652\anaconda3\envs\telegram\lib\http\client.py", line 948, in send
    self.connect()
  File "C:\Users\33652\anaconda3\envs\telegram\lib\http\client.py", line 1422, in connect
    self.sock = self._context.wrap_socket(self.sock,
  File "C:\Users\33652\anaconda3\envs\telegram\lib\ssl.py", line 500, in wrap_socket
    return self.sslsocket_class._create(
  File "C:\Users\33652\anaconda3\envs\telegram\lib\ssl.py", line 1040, in _create
    self.do_handshake()
  File "C:\Users\33652\anaconda3\envs\telegram\lib\ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:1123)

The code that is running :

import http.client

conn = http.client.HTTPSConnection("v1.basketball.api-sports.io")

headers = {
    'x-rapidapi-host': "v1.basketball.api-sports.io",
    'x-rapidapi-key': "XxXxXxXxXxXxXxXxXxXxXxXx"
    }

conn.request("GET", "/games?date=2019-11-23", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

I would like to add that this code was running perfectly fine 2 days ago.

Improve this question
2
  • There's no code here so it's hard to guess, but it could be due to the recent expiration of the letsencrypt root certificate. Make sure you update the CA certificates on whatever host you're running this from. Commented Oct 6, 2021 at 14:15
  • I had the code but I'm not sure it would be helpful. But how can I update my certificates ? Commented Oct 6, 2021 at 20:28

1 Answer 1

Reset to default
1

If the certificate is issued through Let's encrypt make sure to remove the expired DST Root CA X3 issued R3 certificate in your Intermediate cert store on the client.

R3 cert

Also if you switch to using the requests library you might also get around the issue (https://pypi.org/project/requests/).

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

But how do I know that the certificate comes from Let's encrypt ? I did not add anything ! I just ran the .py code and it worked for a bit only ! And where can I find this R3 certificate on windows ? I tried certmgr on cmd but I do not find this certificate... Edit : I found it but what happens if i delete this certificate ?
You can look at the APIs certificate chain. It should look like ISRG Root X1 => R3 => TheApiYouAreUsing. If you delete the cert it shouldn't matter. It' expired 29.09.2021...

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.