I haven’t been able to identify the correct incantation that will point pip at a CA chain that avoids this issue, whether caused by an old LetsEncrypt cert or some other old cert.
For example, this command using --cert along with an up-to-date curl-ca-bundle (that addresses the LetsEncrypt cert issue) fails with the same error: > pip-2.7 install --cert /opt/local/etc/openssl/cert.pem -I --user setuptools > On Mar 14, 2022, at 9:18 PM, Jim DeLaHunt <list+macports-...@jdlh.com> wrote: > > On 2022-03-14 17:09, Steven Smith wrote: >> I’m trying to update calendar-contacts-server to macOS 12.3. This requires >> installing a bunch of stuff with python2.7’s pip. >> I’m hitting an SSLError at the command: >>> /opt/local/bin/python2.7 -m pip install -I --user setuptools==18.5 >> Is there a way of pointing MacPorts python2.7 pip at a set of up-to-date >> CAs? [Say e.g. from curl-ca-bundle?] > > I recall discussion recently on either the macports-dev or the macports-user > lists about SSL tools failing due to expiry of Let's Encrypt certificates. I > can't locate a link to those threads quickly, and I'm not sure if it applies > to your situation. > > Have a look at > <https://trac.macports.org/wiki/ProblemHotlist#letsencrypt> > > Is it helpful? > > Best regards, > --Jim DeLaHunt > >
smime.p7s
Description: S/MIME cryptographic signature
