import requests intermittently fails on windows server 2022

[AY1uZwIcJzKhaGywovQP]

I have an error on a miniconda based python3.11 installation on Windows Server 2022 where import requests fails intermittently for one of my apps. It seems to be an SSL verification issue as far as I can tell.

Expected Result

I expected the requests library to successfully load.

Actual Result

import requests fails with the following stack trace:

Traceback (most recent call last):
  File "C:\ProjectName\APPS\py-mysvc\deployed\src\app.py", line 29, in <module>
    import mysvc_models
  File "C:\ProjectName\APPS\py-mysvc\deployed\src\mysvc_models.py", line 9, in <module>
    import mysvc_utils
  File "C:\ProjectName\APPS\py-mysvc\deployed\src\mysvc_utils.py", line 17, in <module>
    import requests
  File "C:\ProjectName\ENV\py-mysvc\Lib\site-packages\requests\__init__.py", line 164, in <module>
    from .api import delete, get, head, options, patch, post, put, request
  File "C:\ProjectName\ENV\py-mysvc\Lib\site-packages\requests\api.py", line 11, in <module>
    from . import sessions
  File "C:\ProjectName\ENV\py-mysvc\Lib\site-packages\requests\sessions.py", line 15, in <module>
    from .adapters import HTTPAdapter
  File "C:\ProjectName\ENV\py-mysvc\Lib\site-packages\requests\adapters.py", line 81, in <module>
    _preloaded_ssl_context.load_verify_locations(
ssl.SSLError: [X509] PEM lib (_ssl.c:4154)

Matching this stack trace to the openssl version I have available leads me to SSL_CTX_load_verify_locations but I'm unable to debug the issue further.

Reproduction Steps

I'm unable to consistently reproduce it but it fails at this step.

import requests

System Information

{
  "chardet": {
    "version": null
  },
  "charset_normalizer": {
    "version": "3.3.2"
  },
  "cryptography": {
    "version": ""
  },
  "idna": {
    "version": "3.10"
  },
  "implementation": {
    "name": "CPython",
    "version": "3.11.6"
  },
  "platform": {
    "release": "10",
    "system": "Windows"
  },
  "pyOpenSSL": {
    "openssl_version": "",
    "version": null
  },
  "requests": {
    "version": "2.32.3"
  },
  "system_ssl": {
    "version": "30300020"
  },
  "urllib3": {
    "version": "2.2.3"
  },
  "using_charset_normalizer": true,
  "using_pyopenssl": false
}

Relevant conda packages:

# Name                    Version                   Build  Channel
ca-certificates           2024.9.24            haa95532_0
certifi                   2024.8.30       py311haa95532_0
cffi                      1.17.1          py311h827c3e9_0
h11                       0.14.0          py311haa95532_0
h2                        4.1.0              pyhd8ed1ab_0    conda-forge
hpack                     4.0.0                      py_0
httpcore                  1.0.6              pyhd8ed1ab_0    conda-forge
httpx                     0.27.2             pyhd8ed1ab_0    conda-forge
openssl                   3.3.2                h2466b09_0    conda-forge
python                    3.11.6          h2628c8c_0_cpython    conda-forge
python-certifi-win32      1.2             py311h1ea47a8_6    conda-forge
python_abi                3.11                    5_cp311    conda-forge
pywin32                   306             py311h12c1d0e_2    conda-forge
wincertstore              0.2             py311haa95532_0

[AY1uZwIcJzKhaGywovQP]

As mentioned above, the issue happens intermittently not continuously as mentioned in the PR. I have indeed recreated the environment in the PR but this does not appear to have fixed the issue.

What would be the best way to improve the logs so that we can determine why SSL_CTX_load_verify_locations fails the next time this reoccurs?