SSL Certificate Issue

Himanshi-huggingface · August 20, 2023, 10:49am

Error : SSLError: HTTPSConnectionPool(host=‘huggingface.co’, port=443): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, ‘[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Unable to get local issuer certificate (ssl.c:997)’)))

Python Script

from transformers import AutoTokenizer
from transformers import TFAutoModelForMaskedLM
tokenizer = AutoTokenizer.from_pretrained(‘distilroberta-base’)
model_checkpoint = ‘distilbert-base-uncased’
model = TFAutoModelForMaskedLM.from_pretrained(model_checkpoint)
model.summary()

Observations:

When we try to run the above mentioned python script where we trying to establish the connection with hugging face and using the transformer library we are facing the SSL issue .

When we checked the SSL certificate with Domain-joined machine , we found the Issuer By as ‘Cisco Umbrella’ . Please see the below image.

When we checked the SSL certificate without Domain-joined machine , we found the Issued By as 'Amazon RSA 2048 M01 ’ .

Please have the look on the SSL certificate and if we can get the resolution and the cause of the issue. Thanks

porestar · January 15, 2024, 9:31am

I would like to bump this issue back up because we are facing the same issue in our company and effectively cant use any of the huggingface services that require us to download models due to this issue. According to our cybersecurity it can only be fixed by huggingface since whitelisting the certificate is not an option to us.
Can you prioritize this?

irow · January 22, 2024, 7:48pm

I’m having the same issue. I can download different tokenizers, but not the actual model they belong to.

porestar · February 16, 2024, 11:11am

Any update on this @huggingface? Please update your certificates.

peter-washburn · February 20, 2024, 1:45pm

It looks like you are behind Cisco Umbrella, which decrypts traffic from websites it deems suspicious or risky and re-encrypts it with its own certificate. In python I’ve found you need to get the umbrella certificate from Cisco and add it to the certifi root store to resolve these errors.
Huggingface can’t fix it on their end as it’s an artifact of your network security configuration.

jiveshk · April 23, 2024, 11:14am

2 fixes

quick one - on windows - pip install python-certifi-win32
preferred - install transformers package using the following command
pip install transformers --use-feature=truststore

Topic		Replies	Views
SSLError: Cannot instantiate a HuggingFace model Beginners	0	414	March 4, 2024
[ssl: certificate_verify_failed] Beginners	1	2525	April 29, 2024
Getting SSL Error when login Beginners	0	4097	August 19, 2021
SSL Certificates Error Beginners	0	755	December 27, 2023
502 server error when running model Intermediate	3	4182	July 4, 2023

SSL Certificate Issue

Related Topics