0

I am stuck using pip 1.4.1 and have run up against a problem when upgrading package.

Could not fetch URL https://pypi.python.org/simple/pymongo/: There was a problem confirming 
the ssl certificate: <urlopen error [Errno 1] _ssl.c:509: error:1407742E:SSL 
routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version>

I have seen that later versions of pip you can do --trusted-host to ignore the certs warning. But on 1.4.1 it appears that this option is not available. How to fix?

Zuriar
  • 8,864
  • 14
  • 46
  • 76
  • Is it possible to upgrade pip? Which OS are you on? Did you check that you have the appropriate root certificates installed? Did it work before? – a_guest Feb 06 '20 at 15:32
  • Does [this answer](https://stackoverflow.com/a/38908406/3767239) help you? – a_guest Feb 06 '20 at 15:37
  • 1
    Are you sure you have pip **1.4.1**? The most recent version is **20.0.2**. Your version would be more than ancient and outdated – FlyingTeller Feb 06 '20 at 15:54

1 Answers1

0

The worst problem in your case is not untrusted host, the worst problem is too old versions of Python and OpenSSL. Your pip tried to use protocol version TLS v1 which PyPI stopped supporting long ago.

To install packages over the Net you need to upgrade OpenSSL, Python and pip. If you cannot upgrade you cannot install from PyPI directly. Then you can try to download packages from PyPI using a browser and install them from the local filesystem.

You can also use pip download on a host with more modern OpenSSL/Python/pip, transfer downloaded packages to the ancient host and install them there. See https://stackoverflow.com/a/14447068/7976758

phd
  • 57,284
  • 10
  • 68
  • 103