I got an error from my python web server, and I tried to access a page on en.gientech.com and got error:
“SSLCertVerificationError(1, ‘[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)’)”
Similar to this issue: sslcertverificationerror/8341/2
I figured out that my /opt/render/project/src/.venv/lib/python3.9/site-packages/certifi/cacert.pem doesn’t have a cert from GeoTrust RSA CA 2018 · SSL-Tools. that caused the error.
On my local env, I have this GeoTrust RSA CA 2018 cert, so the server doesn’t throw same error on local.
My question is:
Can render add this cert to the cacert.pem?
If render cannot do that in a general manner, how can I add it myself without losing it in every deployment?
If you have the version of certifi pinned in your requirements.txt changing, the requirments.txt to a newer version should update it on your next build. If you don’t have a specific version in your requirements.txt you can do a manual build without cache and the latest version should be installed. The manual deploy option is on our dashboard in the top right when you have the service page open.