SSL Certificate Validation Failed

Hi everyone,

I’m encountering an SSL-related issue when trying to fetch the list of webhooks from our Shopify Development store (pop-store-sit.myshopify.com) using the Admin API (2024-01). The call fails with the following error:

[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1147)

Here’s the full traceback for reference:

HTTPSConnectionPool(host='pop-store-sit.myshopify.com', port=443): Max retries exceeded with url: /admin/api/2024-01/webhooks.json?fields=id,address,topic,format (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1147)')))

We’re using a Python-based backend inside a containerized environment. It appears the SSL handshake fails because it can’t verify the Shopify server’s certificate due to missing root/intermediate CA certificates.

Can someone here confirm:

  • If there were any recent changes to the SSL certificate or intermediate chain for .myshopify.com` domains?

  • If there is a documented list of certificate authorities Shopify uses for these domains?

  • Any recommended workaround or best practice when dealing with SSL verification issues for Shopify endpoints in containerized environments?

Thanks in advance!

There is a python-certifi GitHub issue discussing this problem. A temporary fix is to pin python-certifi to version 2025.1.31.

That said, I’m curious if there are any plans for Shopify to issue a new cert with a different CA.