[SpecklePy] Cannot retrieve speckle streams/commits despite managing to connect and authenticate the client

I am trying to retrieve a speckle stream through the usage of


The client was retrieved and authenticated.

The error I am getting:

Failed to execute the GraphQL stream request. Inner exception: HTTPSConnectionPool(host=‘speckle.foo.com’, port=443): Max retries exceeded with url: /graphql (Caused by SSLError(SSLCertVerificationError(1, ‘[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)’)))

Usually, you can bypass the certificate verification by adding a ‘verify = False’ argument to the function, but unfortunately speckle’s ‘get’ function does not provide that option. But then again, I would assume that a speckle url would have its certificate verified, unless there’s a problem from my side.

Does anyone know a fix?

Hey @Zarathustrai I had the same issue too but I realised I had my company firewall active. (Z-Scaler) Have you tried checking your firewall settings?

1 Like

Hi @shuzmm, after an eternal battle with the IT department regarding company firewall policies, I managed to turn it off but it turned out that it was not the firewall. Port 443 is healthy and OK, there seems to be something else going on here.

Your error suggests a self-hosted server. Are you able to successfully test the same python script against a speckle.xyz stream?

Unfortunately not! But it seems to be an issue unrelated to Speckle; something to do with the Kubernetes cluster deployed.

Hey @Zarathustrai

Both the StreamWrapper and the SpeckleClient have an optional boolean flag argument use_ssl that can be set to False to enable using plain http://foo.bar server urls.
Does this help with your issue?

Solved! The problem was with SSL certificates on the Kubernetes Cluster. It was unable to verify the root and intermediate certificates of speckle.foo.com
After concatenating certificates + the access key and adding the resulting certificate to the cluster the issue no longer persisted.
SSL certificate verify result: unable to get local issuer certificate (20) - Microsoft Q&A