Add --ignore-ssl-errors flag and SSL certificate documentation#166
Open
philipdenys wants to merge 2 commits intooriginalankur:mainfrom
Open
Add --ignore-ssl-errors flag and SSL certificate documentation#166philipdenys wants to merge 2 commits intooriginalankur:mainfrom
philipdenys wants to merge 2 commits intooriginalankur:mainfrom
Conversation
## Summary Added support for bypassing SSL certificate verification errors commonly encountered on macOS when Python certificates are not properly installed. ## Changes Made ### 1. New Command-Line Flag - Added `--ignore-ssl-errors` flag to bypass SSL certificate verification - Includes warning message when flag is active - Not recommended for production use ### 2. SSL Patching Implementation - Monkey-patches `ssl._create_default_https_context` when flag is enabled - Lazy-loads geopy.geocoders.Nominatim to ensure patch takes effect - Disables urllib3 SSL warnings to reduce noise ### 3. Documentation - Created SSL_CERTIFICATE_ISSUE.md with: - Problem description and root cause - Recommended solution (Install Certificates.command) - Alternative solution (--ignore-ssl-errors flag) - Implementation details and security warnings ## Testing Tested on macOS with Python 3.11 experiencing SSL certificate errors. ## Usage Example ```bash # Development/testing only: python3 create_map_poster.py --ignore-ssl-errors -c Antwerp -C Belgium -t japanese_ink -d 15000 # Recommended approach: /Applications/Python\ 3.11/Install\ Certificates.command python3 create_map_poster.py -c Antwerp -C Belgium -t japanese_ink -d 15000 ``` ## Related Issues Addresses SSL certificate verification failures on macOS when using Python installed from python.org (not system Python or Homebrew). Fixes: Certificate verification errors with nominatim.openstreetmap.org
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds support for bypassing SSL certificate verification errors commonly encountered on macOS when Python certificates are not properly installed.
Problem
Users on macOS with Python installed from python.org frequently encounter SSL certificate verification errors when the script tries to geocode cities using the Nominatim API:
Changes Made
1. New Command-Line Flag
--ignore-ssl-errorsflag to bypass SSL certificate verification2. SSL Patching Implementation
ssl._create_default_https_contextwhen flag is enabledgeopy.geocoders.Nominatimto ensure patch takes effect before importget_coordinates()function signature to accept the flag (though patching happens globally)3. Documentation
SSL_CERTIFICATE_ISSUE.mdwith:/Applications/Python X.XX/Install Certificates.command--ignore-ssl-errorsflag (with security warnings)Usage Example
Development/Testing (with flag):
Recommended Approach (install certificates):
Testing
Security Note
The
--ignore-ssl-errorsflag is provided as a convenience for development and testing only. Users should be strongly encouraged to install proper SSL certificates using the recommended method.Related Issues
Addresses SSL certificate verification failures on macOS when using Python installed from python.org (not system Python or Homebrew).
Fixes: Certificate verification errors with nominatim.openstreetmap.org geocoding requests