Hi all,
I am trying to download the bokeh sample data from an alpine docker container and I am facing the following SSL error.
host:~$ bokeh sampledata
Using data directory: /home/nbuser/.bokeh/data
ERROR:<urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
(_ssl.c:645)>
I did not find any solution to my problem on the internet, thus I am asking the bokeh community here.
Some more information about my environment below : I am running alpine linux 3.4 in a docker container with following software installed :
- Python 3.5.2
- OpenSSL 1.0.2j 26 Sep 2016
- ca-certificates 20160104 r4
- pip 8.1.2 from /usr/lib/python3.5/site-packages (python 3.5)
- pip3 list =
- bokeh (0.12.3)
- certifi (2016.9.26)
- cffi (1.8.3)
- cryptography (1.5.2)
- Cython (0.25.1)
- decorator (4.0.10)
- entrypoints (0.2.2)
- idna (2.1)
- ipykernel (4.5.0)
- ipython (5.1.0)
- ipython-genutils (0.1.0)
- ipywidgets (5.2.2)
- Jinja2 (2.8)
- jsonschema (2.5.1)
- jupyter (1.0.0)
- jupyter-client (4.4.0)
- jupyter-console (5.0.0)
- jupyter-core (4.2.0)
- MarkupSafe (0.23)
- mistune (0.7.3)
- nbconvert (4.2.0)
- nbformat (4.1.0)
- notebook (4.2.3)
- numpy (1.11.2)
- pandas (0.19.0)
- pexpect (4.2.1)
- pickleshare (0.7.4)
- pip (8.1.2)
- prompt-toolkit (1.0.8)
- ptyprocess (0.5.1)
- pyasn1 (0.1.9)
- pycparser (2.17)
- Pygments (2.1.3)
- pyOpenSSL (16.2.0)
- python-dateutil (2.5.3)
- pytz (2016.7)
- PyYAML (3.12)
- pyzmq (16.0.0)
- qtconsole (4.2.1)
- requests (2.11.1)
- setuptools (20.10.1)
- simplegeneric (0.8.1)
- six (1.10.0)
- terminado (0.6)
- tornado (4.4.2)
- traitlets (4.3.1)
- wcwidth (0.1.7)
- widgetsnbextension (1.2.6)
Running bokeh from a jupyter notebook
import bokeh.sampledata;
bokeh.sampledata.download();
Using data directory: /home/nbuser/.bokeh/data
SSLError Traceback (most recent call last)
/usr/lib/python3.5/urllib/request.py in do_open(self, http_class, req, **http_conn_args)
1253 try:
→ 1254 h.request(req.get_method(), req.selector, req.data, headers)
1255 except OSError as err: # timeout error
/usr/lib/python3.5/http/client.py in request(self, method, url, body, headers)
1105 “”“Send a complete request to the server.”“”
→ 1106 self._send_request(method, url, body, headers)
1107
/usr/lib/python3.5/http/client.py in _send_request(self, method, url, body, headers)
1150 body = _encode(body, ‘body’)
→ 1151 self.endheaders(body)
1152
/usr/lib/python3.5/http/client.py in endheaders(self, message_body)
1101 raise CannotSendHeader()
→ 1102 self._send_output(message_body)
1103
/usr/lib/python3.5/http/client.py in _send_output(self, message_body)
933
→ 934 self.send(msg)
935 if message_body is not None:
/usr/lib/python3.5/http/client.py in send(self, data)
876 if self.auto_open:
→ 877 self.connect()
878 else:
/usr/lib/python3.5/http/client.py in connect(self)
1259 self.sock = self._context.wrap_socket(self.sock,
→ 1260 server_hostname=server_hostname)
1261 if not self._context.check_hostname and self._check_hostname:
/usr/lib/python3.5/ssl.py in wrap_socket(self, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname)
376 server_hostname=server_hostname,
→ 377 _context=self)
378
/usr/lib/python3.5/ssl.py in init(self, sock, keyfile, certfile, server_side, cert_reqs, ssl_version, ca_certs, do_handshake_on_connect, family, type, proto, fileno, suppress_ragged_eofs, npn_protocols, ciphers, server_hostname, _context)
751 raise ValueError("do_handshake_on_connect should not be specified for non-blocking sockets")
→ 752 self.do_handshake()
753
/usr/lib/python3.5/ssl.py in do_handshake(self, block)
987 self.settimeout(None)
→ 988 self._sslobj.do_handshake()
989 finally:
/usr/lib/python3.5/ssl.py in do_handshake(self)
632 """Start the SSL/TLS handshake."""
→ 633 self._sslobj.do_handshake()
634 if self.context.check_hostname:
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
During handling of the above exception, another exception occurred:
URLError Traceback (most recent call last)
in ()
1 import bokeh.sampledata;
2
----> 3 bokeh.sampledata.download();
/usr/lib/python3.5/site-packages/bokeh/sampledata/init.py in download(progress)
79
80 for base_url, file_name in files:
—> 81 _getfile(base_url, file_name, data_dir, progress=progress)
82
83 def _getfile(base_url, file_name, data_dir, progress=True):
/usr/lib/python3.5/site-packages/bokeh/sampledata/init.py in _getfile(base_url, file_name, data_dir, progress)
85 file_path = join(data_dir, file_name)
86
—> 87 url = urlopen(file_url)
88
89 with open(file_path, 'wb') as file:
/usr/lib/python3.5/urllib/request.py in urlopen(url, data, timeout, cafile, capath, cadefault, context)
161 else:
162 opener = _opener
→ 163 return opener.open(url, data, timeout)
164
165 def install_opener(opener):
/usr/lib/python3.5/urllib/request.py in open(self, fullurl, data, timeout)
464 req = meth(req)
465
→ 466 response = self._open(req, data)
467
468 # post-process response
/usr/lib/python3.5/urllib/request.py in _open(self, req, data)
482 protocol = req.type
483 result = self._call_chain(self.handle_open, protocol, protocol +
→ 484 ‘_open’, req)
485 if result:
486 return result
/usr/lib/python3.5/urllib/request.py in _call_chain(self, chain, kind, meth_name, *args)
442 for handler in handlers:
443 func = getattr(handler, meth_name)
→ 444 result = func(*args)
445 if result is not None:
446 return result
/usr/lib/python3.5/urllib/request.py in https_open(self, req)
1295 def https_open(self, req):
1296 return self.do_open(http.client.HTTPSConnection, req,
→ 1297 context=self._context, check_hostname=self._check_hostname)
1298
1299 https_request = AbstractHTTPHandler.do_request_
/usr/lib/python3.5/urllib/request.py in do_open(self, http_class, req, **http_conn_args)
1254 h.request(req.get_method(), req.selector, req.data, headers)
1255 except OSError as err: # timeout error
→ 1256 raise URLError(err)
1257 r = h.getresponse()
1258 except:
URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)>
Seems it is something to deal with the docker container hostname or name resolution inside the SSL resolution process but I was not able to figure out what the problem is.
Any ideas ?
NB: I was able to run the bookeh sampledata command succesfully from the host (the host of docker container). Thus it might be a misconfiguration of the docker container itself.
Thanks for your help.