Disabling SSL verification¶
Using conda with SSL is strongly recommended, but it is possible to disable SSL and it may be necessary to disable SSL in certain cases.
Some corporate environments use proxy services that use Man-In-The-Middle (MITM) attacks to sniff encrypted traffic. These services can interfere with SSL connections such as those used by conda and pip to download packages from repositories such as PyPI.
If you encounter this interference, you should set up the proxy service’s
certificates so that the
requests package used by conda can recognize and
use the certificates.
For cases where this is not possible, conda-build versions 3.0.31 and higher have an option that disables SSL certificate verification and allows this traffic to continue.
conda skeleton pypi can disable SSL verification when pulling packages
from a PyPI server over HTTPS.
WARNING: This option causes your computer to download and execute arbitrary code over a connection that it cannot verify as secure. This option is not recommended. Use this option only if necessary. Use this option at your own risk.
To disable SSL verification when using
conda skeleton pypi, set the
SSL_NO_VERIFY environment variable to either
On *nix systems:
SSL_NO_VERIFY=1 conda skeleton pypi a_package
And on Windows systems:
set SSL_NO_VERIFY=1 conda skeleton pypi a_package set SSL_NO_VERIFY=
We recommend that you unset this environment variable immediately after use. If it is not unset, some other tools may recognize it and incorrectly use unverified SSL connections.
Using this option will cause
requests to emit warnings to STDERR about
insecure settings. If you know that what you’re doing is safe, or have been
advised by your IT department that what you’re doing is safe, you may ignore