I'm trying to connect to tables/views in Databricks using Python(via VS Code). However, I'm getting the following error:- File "C:\Users\XXXXXXXX\AppData\Roaming\Python\Python311\site-packages\urllib3\util\retry.py", line 592, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='xxx-lakehouse-prod.cloud.databricks.com', port=443): Max retries exceeded with url: /sql/1.0/warehouses/293f5a865d0f529e (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: CA signature digest algorithm too weak (_ssl.c:992)')))
Hi @Ankur_K, The error message you're encountering indicates an issue with verifying the SSL certificate for the provided URL. This "certificate verify failed" error can be due to various factors.
Here are some steps to resolve the problem:
Check SSL Certificate Status: Ensure that your SSL certificate is up-to-date and valid. Expired or incorrect SSL certificates can lead to certificate verification errors. Contact your certificate provider to renew or update your SSL certificate if necessary.
Specify SSL Version: You can attempt to specify a different SSL version in your Python code. For instance, consider using ssl.PROTOCOL_TLSv1_2 instead of ssl.PROTOCOL_SSLv3.
Here's an example of how to do it using the ssl module in Python:
Changing the SSL protocol might help establish a secure connection.
Add CA Certificate to Trusted Store: Manually adding the CA certificate to your system's trusted certificate store is another option. On most Linux systems, the trusted certificate store can be found in /etc/ssl/certs. However, it's crucial to verify the authenticity of the certificate with the certificate authority (CA) that issued it before adding it manually. Follow the steps in the provided link to add the certificate to your system's trusted store.
These steps should help you address the "certificate verify failed" error and establish a secure SSL connection. Remember to handle SSL certificates with care, as they are crucial for secure communication over HTTPS.
Thanks Kaniz! 1. I've checked the SSL certificate which is up-to-date. 2. Also attempted Specify SSL i.e. Version usingssl.PROTOCOL_TLSv1_2instead ofssl.PROTOCOL_SSLv3. It shoots deprecated warning. 3 "Add CA Certificate to Trusted Store":- I exported and added to my windows path(certs file). Long story short:- none of them worked out for me. My hunch:- my organisation might have configured firewall which prevents unauthorised APIs and causing certificate error message. Just working out my platform team if they can assist. Otherwise we can close this.