K
Q

SSL: CERTIFICATE_VERIFY_FAILED trying to validate a reCAPTCHA with django

3/12/2020

I'm getting a

<urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)>

When I try to validate captchas in my django project. This is how i do it:

  recaptcha_response = request.POST.get('g-recaptcha-response')
  print(recaptcha_response)
  url = 'https://www.google.com/recaptcha/api/siteverify'
  values = {
      'secret': settings.CAPTCHA_SECRET_KEY,
      'response': recaptcha_response
  }
  data = urllib.parse.urlencode(values).encode()
  req =  urllib.request.Request(url, data=data)
  response = urllib.request.urlopen(req) # It fails here
  result = json.loads(response.read().decode())
  print(result)

The site has a valid certificate, and it works on local. In the log i'm getting this:

Request Method: POST

Request URL: http://prod.xxxx.com/evalua

Which is weird because the site works in https. Its on kubernetes, could that be the problem? I really have no idea what the problem IS? I have the captcha keys correctly set up in de recaptcha admin console. And the certificate are not autosign. I use lets encrypt

-- Xhark
django
kubernetes
python
recaptcha
ssl

Similar Questions

How to connect to Mongodb from outside Kubernetes cluster
gitlab k8s auto devops, invalid reference format
How to filter the running nodes
Kubernetes - Are containers automatically allocated to nodes after adding worker node?

1 Answer

3/12/2020

Check how you build the container image for your app and if it has very old CA certificates in it. You can use something like ADD https://curl.haxx.se/ca/cacert.pem /etc/ssl/certs/cacert.pem to ensure you have the latest standard bundle. You can also switch to Requests and Certifi instead of urllib, as that embeds a copy of the current cert bundle and ensures it is used.

-- coderanger
Source: StackOverflow