Problem
The Polygon Python SDK fails with SSL certificate verification errors when used behind corporate firewalls that perform SSL/TLS inspection. The SDK does not respect standard SSL certificate environment variables (SSL_CERT_FILE, REQUESTS_CA_BUNDLE) that specify custom CA bundles.
Steps to Reproduce
import os
from polygon import RESTClient
# Set custom CA bundle (common in enterprise environments)
os.environ["SSL_CERT_FILE"] = "/path/to/corporate-ca-bundle.pem"
# This fails with SSL error
client = RESTClient(os.getenv("POLYGON_API_KEY"))
aggs = client.get_aggs(ticker="AAPL", multiplier=1, timespan="day",
from_="2026-02-01", to="2026-02-10")
list(aggs) # SSLError: certificate verify failedExpected Behaviour
SDK should respect SSL environment variables like other Python HTTP libraries (requests, httpx, urllib3).
Actual Behaviour
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed:
self-signed certificate in certificate chain
SDK ignores environment variables and uses bundled certifi CA bundle only.
Evidence
Raw Python SSL (works):
import ssl, socket
context = ssl.create_default_context()
with socket.create_connection(("api.polygon.io", 443)) as sock:
with context.wrap_socket(sock, server_hostname="api.polygon.io") as s:
print(s.version()) # ✅ TLSv1.3 - Success!Polygon SDK (fails):
Uses bundled certs, ignores SSL_CERT_FILE → certificate verification fails.
Root Cause
The SDK uses urllib3 but doesn't configure it to check standard SSL environment variables. While urllib3 supports custom CA bundles, the Polygon SDK never provides them.
Comparison: Alpaca SDK (Works Correctly)
# Alpaca SDK respects SSL_CERT_FILE and works behind corporate firewalls
from alpaca.data.historical import StockHistoricalDataClient
client = StockHistoricalDataClient(api_key, secret_key)
bars = client.get_stock_bars(...) # ✅ Works!
Suggested Fix
Check environment variables when creating HTTP client:
import os
import certifi
def get_ca_bundle():
"""Get CA bundle from environment or default."""
return (os.getenv("SSL_CERT_FILE") or
os.getenv("REQUESTS_CA_BUNDLE") or
certifi.where())
# Use in RESTClient
http = urllib3.PoolManager(cert_reqs="CERT_REQUIRED",
ca_certs=get_ca_bundle())Impact
Affects: Enterprise users behind corporate firewalls with SSL inspection (finance, healthcare, government sectors)
Current workarounds: All unacceptable for production:
- ❌ Disable SSL verification (insecure)
- ❌ Switch to different provider
- ❌ Maintain local SDK patches
Environment
- Python: 3.10+
- OS: macOS/Linux
- Network: Corporate firewall with SSL inspection (Zscaler, etc.)
- polygon-api-client: Latest
References
Happy to submit a PR if maintainers are open to this fix.
This issue generated with AI/Claude 4.6
Problem
The Polygon Python SDK fails with SSL certificate verification errors when used behind corporate firewalls that perform SSL/TLS inspection. The SDK does not respect standard SSL certificate environment variables (
SSL_CERT_FILE,REQUESTS_CA_BUNDLE) that specify custom CA bundles.Steps to Reproduce
Expected Behaviour
SDK should respect SSL environment variables like other Python HTTP libraries (requests, httpx, urllib3).
Actual Behaviour
SDK ignores environment variables and uses bundled certifi CA bundle only.
Evidence
Raw Python SSL (works):
Polygon SDK (fails):
Uses bundled certs, ignores
SSL_CERT_FILE→ certificate verification fails.Root Cause
The SDK uses
urllib3but doesn't configure it to check standard SSL environment variables. Whileurllib3supports custom CA bundles, the Polygon SDK never provides them.Comparison: Alpaca SDK (Works Correctly)
Suggested Fix
Check environment variables when creating HTTP client:
Impact
Affects: Enterprise users behind corporate firewalls with SSL inspection (finance, healthcare, government sectors)
Current workarounds: All unacceptable for production:
Environment
References
Happy to submit a PR if maintainers are open to this fix.
This issue generated with AI/Claude 4.6