解决方案：SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to

通过python代码爬取数据时出现了这个错误。python代码如下：

from requests import getimport requestsurl = "https://xx.xx.xx:8888/states"headers = {"Authorization": "Bearer token","content-type": "application/json",}response = get(url, headers=headers)print(response.text)

报出了如上的错误。在网上搜索了很多资料，大部分建议将ssl证书验证关闭即

response = get(url, headers=headers, verify=False)

但是这样面临着被攻击的风险。在查阅了相关资料后，发现https走的是非对称加密，客户端（执行python的机器）必须要手握公钥才能和服务器加密通信。ubuntu系统（本人开发环境）的公钥放在/etc/ssl/certs/ca-certificates.crt中，这个文件中存储了大部分的公钥，访问一般的网站不会出现问题，如百度：

ubuntu:~/Desktop$ curl -v * Trying 14.215.177.38:443...* TCP_NODELAY set* Connected to (14.215.177.38) port 443 (#0)* ALPN, offering h2* ALPN, offering http/1.1* successfully set certificate verify locations:* CAfile: /etc/ssl/certs/ca-certificates.crtCApath: /etc/ssl/certs* TLSv1.3 (OUT), TLS handshake, Client hello (1):* TLSv1.3 (IN), TLS handshake, Server hello (2):* TLSv1.2 (IN), TLS handshake, Certificate (11):* TLSv1.2 (IN), TLS handshake, Server key exchange (12):* TLSv1.2 (IN), TLS handshake, Server finished (14):* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):* TLSv1.2 (OUT), TLS handshake, Finished (20):* TLSv1.2 (IN), TLS handshake, Finished (20):* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256

而本次要访问的网站是自己搭建的，需要将公钥拷贝到/etc/ssl/certs/ca-certificates.crt。本人使用的是万网的免费域名证书，只要将chain.crt以及public.crt中的公钥拷贝到/etc/ssl/certs/ca-certificates.crt即可正常访问网站。

大家觉得有所帮忙请点个赞：）