Skip to content

feat: need to add a way to override the SSL verify context through the clie… #400

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat: need to add a way to override the SSL verify context through the clie… #400

wants to merge 1 commit into from

Conversation

cmosguy
Copy link

@cmosguy cmosguy commented May 12, 2025

We need a way to pass in the a context to the httpx client library so that we can manage the untreated certs.

The only way to do this is by following the recommendation here:

https://www.python-httpx.org/advanced/ssl/

All this fixes the issue to work around the error:

httpx.ConnectError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:997)

@cmosguy cmosguy changed the title need to add a way to override the SSL verify context through the clie… feat: need to add a way to override the SSL verify context through the clie… May 12, 2025
@Pijukatel
Copy link
Contributor

Pijukatel commented May 14, 2025
edited
Loading

Maybe we should rather allow passing custom http client to the ApifyClientAsync, ApifyClient init methods?
What do you think @janbuchar , @vdusek ?

@janbuchar
Copy link
Contributor

Maybe we should rather allow passing custom http client to the ApifyClientAsync, ApifyClient init methods? What do you think @janbuchar , @vdusek ?

Maybe 🤷 However, we would have to change up the _BaseHTTPClient a bit so that we wouldn't need to pass both the sync and async version to it as that would be super unwieldy.

But, first of all... where did you get this error @cmosguy? I don't see a reason for api.apify.com to have an expired certificate. Can you show us a reproduction?

@cmosguy
Copy link
Author

cmosguy commented May 17, 2025

Maybe we should rather allow passing custom http client to the ApifyClientAsync, ApifyClient init methods? What do you think @janbuchar , @vdusek ?

Maybe 🤷 However, we would have to change up the _BaseHTTPClient a bit so that we wouldn't need to pass both the sync and async version to it as that would be super unwieldy.

But, first of all... where did you get this error @cmosguy? I don't see a reason for api.apify.com to have an expired certificate. Can you show us a reproduction?

Hey @janbuchar I am using my own laptop with MacOS and have no idea really how to resolve or get around this. It is not a laptop I setup, it was given to me. I do have Zscaler installed, but I am not sure if that matters. Any solution you can provide to the client so that we can inject new context to override the SSL would be great. Unless you have other ideas.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cmosguy @Pijukatel @janbuchar