I’m having trouble connecting to JIRA through Python API and getting SSL certificate errors. Here’s my current setup:
JIRA_SERVER = "My Company Jira URL"
API_TOKEN = 'My Access Token'
connection = JIRA(JIRA_SERVER, token_auth=API_TOKEN)
When I run this code, I get this error message:
HTTPSConnectionPool max retries exceeded with url: /rest/api/2/serverInfo (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)')))
I need to know how to handle this SSL certificate issue. I’ve looked through various solutions online but most examples use different connection methods than mine. Is there a way to either bypass the SSL verification or properly configure the certificate path? I’d prefer not to use python-certifi-win32 if possible.
Add your certificate bundle path to the connection. Download your company’s certificate chain and use the options parameter: JIRA(JIRA_SERVER, token_auth=API_TOKEN, options={'verify': '/path/to/certificate.pem'}). This keeps security intact while fixing the SSL error. I hit the same problem when our corporate firewall was intercepting SSL connections. Ask your IT department for the certificate bundle file - they’ve usually got it ready for developers. Way safer than just disabling verification since you’re still validating against the right certificate.
had the same issue! just use options={'verify': False} in your JIRA constructor: JIRA(JIRA_SERVER, token_auth=API_TOKEN, options={'verify': False}). worked for me, but it’s not super safe so watch out when in production.
You can also update your system’s certificate store - this usually fixes it for good. On Windows, run pip install --upgrade certifi to grab the latest certificate bundle. If that doesn’t work, set the REQUESTS_CA_BUNDLE environment variable to point to your cert file before running your script. I’ve had great luck with this in corporate environments where cert issues keep popping up across projects. The best part? You don’t touch your code at all - just set the environment variable once and it works for all your requests. Way cleaner than hardcoding cert paths everywhere.