Common SSL issues on Python and how to fix it

The error
Recommended fix: refresh your CA bundle
Update certifi (all OSes)
Install Certificates (macOS only)
Explicit certifi-aware context
Development-only workarounds
Unverified ssl context
Override the default HTTPS context
requests with verify=False
See also

TLDR:

Python’s CERTIFICATE_VERIFY_FAILED errors happen when your system can’t chain the server’s certificate back to a trusted root.
The safe fix is to update your system’s CA certificates — install certifi, or run Install Certificates.command on macOS.
Disabling SSL verification works as a development-only workaround but should never ship to production.

The error

When a Python HTTP client connects to your Chainstack endpoint over HTTPS, it validates the server’s TLS certificate by chaining it back to a trusted root certificate authority. If your system’s CA bundle is outdated or missing, you’ll see errors like:

[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate

Recommended fix: refresh your CA bundle

Update `certifi` (all OSes)

The certifi package ships Mozilla’s CA bundle for Python. Updating it covers most cases:

pip install --upgrade certifi

If you use requests, urllib, aiohttp, or httpx, they pick up the updated bundle automatically the next time they construct a default SSL context.

Install Certificates (macOS only)

Python installers on macOS don’t always install the system certificates. Run the bundled installer:

Open Spotlight (Cmd + Space).
Type Install Certificates.command and run it.

This installs certifi’s CA bundle into the Python you launched.

Explicit certifi-aware context

If updating certifi alone doesn’t take effect, build the SSL context explicitly:

import ssl
import certifi
from urllib.request import urlopen

url = "https://ethereum-mainnet.core.chainstack.com/AUTH_KEY"
context = ssl.create_default_context(cafile=certifi.where())
response = urlopen(url, context=context)

Development-only workarounds

These workarounds disable certificate validation. Use only for local debugging — never in production. Skipping verification makes your connection vulnerable to man-in-the-middle attacks.

Unverified `ssl` context

import ssl
import urllib.request

context = ssl._create_unverified_context()
urllib.request.urlopen(url, context=context)

Override the default HTTPS context

import ssl

ssl._create_default_https_context = ssl._create_unverified_context

`requests` with `verify=False`

import requests

requests.get(url, verify=False)

Platform

Pricing

Core

Add-ons

Security

Web3 [de]coded

Subgraphs (Deprecated)

MCP servers

Marketplace

Chainstack Compare

Chainstack ChatGPT plugin

Chainstack DLP browser extension

Protocols

Advanced APIs

Tooling

Common SSL issues on Python and how to fix it

The error

Recommended fix: refresh your CA bundle

Update `certifi` (all OSes)

Install Certificates (macOS only)

Explicit certifi-aware context

Development-only workarounds

Unverified `ssl` context

Override the default HTTPS context

`requests` with `verify=False`

See also

Platform

Pricing

Core

Add-ons

Security

Web3 [de]coded

Subgraphs (Deprecated)

MCP servers

Marketplace

Chainstack Compare

Chainstack ChatGPT plugin

Chainstack DLP browser extension

Protocols

Advanced APIs

Tooling

Documentation Index

​The error

​Recommended fix: refresh your CA bundle

​Update certifi (all OSes)

​Install Certificates (macOS only)

​Explicit certifi-aware context

​Development-only workarounds

​Unverified ssl context

​Override the default HTTPS context

​requests with verify=False

​See also

The error

Recommended fix: refresh your CA bundle

Update `certifi` (all OSes)

Install Certificates (macOS only)

Explicit certifi-aware context

Development-only workarounds

Unverified `ssl` context

Override the default HTTPS context

`requests` with `verify=False`

See also