Qiita Teams that are logged in
You are not logged in to any team

Log in to Qiita Team
OrganizationEventAdvent CalendarQiitadon (β)
Qiita JobsQiita ZineQiita Blog
Help us understand the problem. What is going on with this article?

More than 5 years have passed since last update.


pip installでいまだにInsecurePlatformWarningが出るけどなんかいろいろと面倒くさくてやってなかった

pip install -> InsecurePlatformWarning

$ python -V
Python 2.7.1
$ pip -V
pip 8.1.1 from /Users/foo/.anyenv/envs/pyenv/versions/2.7.1/lib/python2.7/site-packages (python 2.7)
$ pip install everytime-warning
/Users/foo/.anyenv/envs/pyenv/versions/2.7.1/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:315: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#snimissingwarning.
/Users/foo/.anyenv/envs/pyenv/versions/2.7.1/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:120: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.



Certain Python distributions (specifically, versions of Python earlier than 2.7.9) and older OpenSSLs have restrictions that prevent them from using the SNI (Server Name Indication) extension. This can cause unexpected behaviour when making some HTTPS requests, usually causing the server to present the a TLS certificate that is not valid for the website you’re trying to access.




  1. 著名なプラグインだから安心だろうと思ってpip installする(numpyとか)
  2. アクセス先がすり替えられて、悪意のあるプラグインをダウンロードする
  3. 証明書の検証が正しく行われず、インストールしてしまう


pyenv install

普通にpyenv install 2.7.9しようとしたら、怒られた

ERROR: The Python ssl extension was not compiled. Missing the OpenSSL lib?


(cd ~/.anyenv && git pull)
exec $SHELL -l
anyenv install pyenv
exec $SHELL -l
pyenv install 2.7.9
pyenv global 2.7.9
pip install secure-and-silent


Help us understand the problem. What is going on with this article?
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Help us understand the problem. What is going on with this article?