Resolving “SSL: certificate verify fails” error message from dwave ping command
When accessing a remote D-Wave quantum computer (QC) operated by a third party or your own institution or corporation, you may encounter a “certificate verify fails” error message from Ocean tools such as the interactive CLI’s “dwave ping” command.
Background: communication between a D-Wave QC and your local system (your laptop, for example) is secured using Secured Sockets Layer (SSL), a standard communications protocol for encryption and authentication. It relies on security certificates signed by a trusted Certification Authority (CA), such as Commodo or Symantec, or your own institution or corporation.
This SSL error can occur if your local system does not recognize the CA used by the remote endpoint of the D-Wave QC you are trying to access or ping. The quantum computer operated by D-Wave at https://cloud.dwavesys.com/sapi uses a certificate issued by a CA all supported systems trust.
The recommended solution is to add the CA issuing your D-Wave QC’s SSL certificate to your system’s trusted CAs. If you are unsure how to do so, contact your system administrator for assistance.
It is possible to access the D-Wave QC even if you have not added the CA to your system’s certificate storage. In Ocean’s dwave-cloud-client tool, you can set a client’s “permissive_ssl” parameter to True (by default it is False) to disable SSL verification:
>>> client = dwave.cloud.Client(endpoint='https://my.dwave.system.com/sapi', token='secrettoken', permissive_ssl=True)
You can also set this parameter in the D-Wave Cloud Client configuration file to make this the default behavior for Ocean tools accessing the QC.
Doing so results in unsecured communication and is not recommended.