RapidAPI functions in browser, but fails in my development environment

I am relatively new to working with APIs, so I might overlook something obvious. I’m currently implementing the Skyscanner API via RapidAPI for my project. While testing the API endpoint in the RapidAPI playground, everything operates smoothly. However, when I copy and paste the code into my development environment, it generates several error messages, particularly one stating “certificate verification failed.” Below is the code I executed (the API key is deliberately masked):

import requests

api_url = "https://skyscanner44.p.rapidapi.com/search"

params = {
    "adults": "1",
    "origin": "LAX",
    "destination": "DCA",
    "departureDate": "2022-08-01",
    "returnDate": "2022-08-15",
    "cabinClass": "economy",
    "currency": "USD"
}

headers = {
    "X-RapidAPI-Key": "XXX",
    "X-RapidAPI-Host": "skyscanner44.p.rapidapi.com"
}

response = requests.get(api_url, headers=headers, params=params)

print(response.text)

Below are the error messages I receive:

Traceback (most recent call last):
  File "C:\Users\624237\Anaconda3\envs\atmsTesting\lib\site-packages\urllib3\connectionpool.py", line 703, in urlopen
    httplib_response = self._make_request(
  File "C:\Users\624237\Anaconda3\envs\atmsTesting\lib\site-packages\urllib3\connectionpool.py", line 386, in _make_request
    self._validate_conn(conn)
  File "C:\Users\624237\Anaconda3\envs\atmsTesting\lib\site-packages\urllib3\connectionpool.py", line 1040, in _validate_conn
    conn.connect()
  File "C:\Users\624237\Anaconda3\envs\atmsTesting\lib\site-packages\urllib3\connection.py", line 414, in connect
    self.sock = ssl_wrap_socket(
  File "C:\Users\624237\Anaconda3\envs\atmsTesting\lib\site-packages\urllib3\util\ssl_.py", line 449, in ssl_wrap_socket
    ssl_sock = _ssl_wrap_socket_impl(
  File "C:\Users\624237\Anaconda3\envs\atmsTesting\lib\site-packages\urllib3\util\ssl_.py", line 493, in _ssl_wrap_socket_impl
    return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
  File "C:\Users\624237\Anaconda3\envs\atmsTesting\lib\ssl.py", line 512, in wrap_socket
    return self.sslsocket_class._create(
  File "C:\Users\624237\Anaconda3\envs\atmsTesting\lib\ssl.py", line 1070, in _create
    self.do_handshake()
  File "C:\Users\624237\Anaconda3\envs\atmsTesting\lib\ssl.py", line 1341, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)

I would greatly appreciate any assistance!

Hi FlyingLeaf,

Your issue typically relates to SSL certificate verification, which can happen if your environment doesn’t have access to the necessary certificate authority files. Here’s how you can resolve it:

  1. Update SSL Certificates:

    If you’re using Anaconda, there’s a possibility that your SSL certificates might need to be updated. You can do this with the following command in your Anaconda environment:

    conda update certifi
  2. Verify Installation:

    Make sure your requests library is not out of date:

    pip install --upgrade requests
  3. Bypass Certificate Verification (Not Recommended for Production):

    If you want to test quickly without dealing with certificates, you can bypass verification by adding verify=False to your request. However, use this only for testing:

    
    response = requests.get(api_url, headers=headers, params=params, verify=False)
            

    Note: Neglecting SSL verification decreases security, so only use it as a last resort in a safe testing environment.

These steps should help you resolve the "certificate verification failed" issue and enable your API implementation to work as expected in your development environment.

Cheers,
David Grant

Hi FlyingLeaf,

Your problem with "certificate verification failed" usually occurs due to SSL certificate issues. Here are some efficient steps to troubleshoot and resolve this problem:

  1. Update SSL Certificates:

    Use this command in your Anaconda environment to update the certificate package:

    conda update certifi
  2. Update Requests Library:

    Ensure you're using the latest version to avoid known bugs:

    pip install --upgrade requests
  3. Temporary Bypass for Testing: (Not recommended for production)

    Disable SSL verification temporarily by adding verify=False to your request:

    response = requests.get(api_url, headers=headers, params=params, verify=False)

    Note: This reduces security, so use it sparingly and only in safe development environments.

These steps should align your development environment with the necessary requirements to handle API requests securely.

Best regards,
David Grant

Hi FlyingLeaf,

In addition to the excellent suggestions already mentioned by HappyDancer99, another perspective worth considering involves the configuration of your development environment related to SSL verification. It's pivotal to ensure the integrity of your connection especially when dealing with sensitive data in APIs. Let’s dive into a couple of more strategic solutions:

  1. Install Required CA Certificates:

    Sometimes, the missing component can be the Certificate Authority (CA) certificates that Python or your development environment employs. You can manually install the necessary certificates. If you’re using a requests library, consult the urllib3 documentation for guidance on this setup.

  2. Check your Environment Variables:

    Ensure that your SSL_CERT_DIR and SSL_CERT_FILE environment variables are correctly configured. They should ideally point to the directory or file that holds your CA certificates.

  3. Network Configuration:

    Ensure there are no restrictions from firewall or network settings that could block SSL verification. This might necessitate cooperation with your network administrator, particularly if you’re in a corporate network setting.

Incorporating these steps should help in addressing the SSL verification challenges you're experiencing. Such thorough inspections and adjustments provide not just a workaround, but an in-depth resolution that maintains the flow and security of your API interactions in the development process.

Best regards,
Ethan Voss

Hey FlyingLeaf,

To address the SSL certificate verification issue, try the following steps:

  1. Update SSL Certificates:
    Run this command in your Anaconda environment:
    conda update certifi
  2. Upgrade Requests Library:
    Ensure you're using the latest version:
    pip install --upgrade requests
  3. Temporarily Bypass Verification: (Test only)
    Add verify=False in your request:
    response = requests.get(api_url, headers=headers, params=params, verify=False)

Try these steps, and good luck with your API integration!

Hello FlyingLeaf,

Addressing the SSL certificate verification issue can be crucial for ensuring your development environment correctly mimics a secure production setting. Here are some additional insights and solutions that could help you resolve the problem:

  1. Ensure System Time and Date Accuracy:

    SSL certificates rely on a valid, correct system time and date, as they have specific validity periods. Double-check that your system's clock is accurate, as discrepancies can lead to failures in SSL verification.

  2. Custom Certificate Bundle:

    If your organization provides custom certificates, use the cert parameter to specify a path to your certificate bundle file:

    response = requests.get(api_url, headers=headers, params=params, cert='/path/to/your/certificate.pem')

    For details, see the Requests documentation on how to bundle certificates.

  3. Consider Downgrading Libraries Temporarily:

    In rare cases, certain library versions might introduce bugs that cause SSL issues. You might try downgrading to a previous stable version of requests or certifi, while keeping an eye out for subsequent updates that resolve known issues:

    pip install requests==version_here

Implementing these steps should provide a robust resolution to the SSL issues you're experiencing. Ensuring the security of your API connections is essential, so these strategic adjustments facilitate both the integrity and functionality of your setup.

Best regards,
Ethan Voss