[issue45839] python3 executable is able to install pandas

[Muhammad Irfan Asghar]

Muhammad Irfan Asghar <mirfanasghar at gmail.com> added the comment:

Hi

The issue is finally solved by using the command

pip3 install --trusted-host pypi.org --trusted-host pypi.python.org
--trusted-host files.pythonhosted.org pandas

Thanks to all who helped.

regards
Irfan

On Tue, Nov 23, 2021 at 10:03 AM Ronald Oussoren <report at bugs.python.org>
wrote:

>
> Ronald Oussoren <ronaldoussoren at mac.com> added the comment:
>
> Could you check with "curl -k https://pypi.org/ >/dev/null" what
> certificate is used by PyPI?
>
> On my system I get (amongst other output):
>
> ...
> * SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
> * ALPN, server accepted to use h2
> * Server certificate:
> *  subject: CN=pypi.org
> *  start date: Oct 22 18:55:44 2021 GMT
> *  expire date: Nov 23 18:55:43 2022 GMT
> *  subjectAltName: host "pypi.org" matched cert's "pypi.org"
> *  issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Atlas R3 DV TLS CA H2
> 2021
> *  SSL certificate verify ok.
> ...
>
> Note how the issuer is GlobalSign. If you see some other certificate
> authority, or get an error from curl due to the same certificate
> verification problem, you have something on the path between you and PyPI
> that intercepts the connection, such as a corporate proxy.
>
> Pip appears to have a way to override certificate verification, you'll
> have to (a) read pip's manual for that and (b) be *very* sure you know
> what's going on before you start trusting some other CA that's not in the
> global trust root used by pip and certify.
>
> ----------
>
> _______________________________________
> Python tracker <report at bugs.python.org>
> <https://bugs.python.org/issue45839>
> _______________________________________
>

----------

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue45839>
_______________________________________