# Pip Install Fails With "Connection Error: [Ssl: Certificate_verify_failed] Certificate Verify Failed (_ssl.c:598)" The error `"ConnectionError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)"` occurs when `pip` is unable to verify the SSL certificate of the repository from which it is trying to download a package. This can happen for several reasons, including an outdated or misconfigured CA certificates bundle or network issues. Below are several ways to resolve this issue. ### Solution 1: Upgrade `pip` Ensure that you have the latest version of `pip`, as older versions may have issues with SSL certificates. ```bash python -m pip install --upgrade pip ``` ### Solution 2: Add the Trusted Host Option If you're certain that the repository you are connecting to is trustworthy, you can bypass SSL certificate verification by adding the `--trusted-host` option: ```bash pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org ``` For example: ```bash pip install requests --trusted-host pypi.org --trusted-host files.pythonhosted.org ``` ### Solution 3: Install the `certifi` Package and Use it with `pip` The `certifi` package provides Mozilla's CA Bundle in Python. You can use this to ensure that `pip` uses the correct CA certificates. 1. Install `certifi`: ```bash pip install certifi ``` 2. Locate the path to `certifi`’s certificate: ```bash python -m certifi ``` 3. Export the `SSL_CERT_FILE` environment variable to point to the `certifi` certificate bundle: - On **Windows**: ``` set SSL_CERT_FILE=C:\\path\\to\\cacert.pem ``` - On **Linux/macOS**: ```bash export SSL_CERT_FILE=/path/to/cacert.pem ``` 4. Run `pip` again: ```bash pip install ``` ### Solution 4: Manually Update `certifi` Certificate If the issue persists, you can manually update the certificates used by `pip`. 1. Download the latest `cacert.pem` file from the [certifi GitHub repository](https://github.com/certifi/python-certifi). 2. Replace the existing `cacert.pem` file in your Python installation's `certifi` directory with the newly downloaded file. The directory can typically be found here: - **Windows**: `C:\\PythonXX\\Lib\\site-packages\\certifi` - **macOS/Linux**: `/usr/local/lib/pythonX.X/site-packages/certifi` ### Solution 5: Disable SSL Verification (Temporary Solution) As a last resort, you can disable SSL verification entirely. This is generally not recommended due to the security implications. 1. Create or edit the `pip.conf` file: - **Windows**: `%APPDATA%\\pip\\pip.ini` - **Linux/macOS**: `~/.pip/pip.conf` or `~/.config/pip/pip.conf` 2. Add the following lines: ``` [global] trusted-host = pypi.org disable-pip-version-check = true ``` 3. Try running `pip install` again. ### Solution 6: Ensure System Time is Correct Sometimes SSL errors occur if your system's date and time are incorrect. Make sure your system time is accurate and synchronized with a time server. ### Summary The SSL verification error with `pip` is typically due to issues with certificate verification. You can resolve it by updating `pip`, configuring the `trusted-host` option, using the `certifi` package, or as a last resort, disabling SSL verification. Each method has different security implications, so it's important to choose the one that best fits your situation.