[GH-ISSUE #24568] issue: Openwebui still ignores AIOHTTP_CLIENT_SESSION_SSL for STT engine URL #74942

New Issue

GiteaMirror · 2026-05-13T07:48:41-05:00

GiteaMirror commented

2026-05-13 07:48:41 -05:00

Originally created by @orKL3mlz on GitHub (May 11, 2026).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/24568

Check Existing Issues

I have searched for any existing and/or related issues.
I have searched for any existing and/or related discussions.
I have also searched in the CLOSED issues AND CLOSED discussions and found no related items (your issue might already be addressed on the development branch!).
I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

0.9.5

Ollama Version (if applicable)

0.23.2

Operating System

Debian 13

Browser (if applicable)

No response

Confirmation

I have read and followed all instructions in README.md.
I am using the latest version of both Open WebUI and Ollama.
I have included the browser console logs.
I have included the Docker container logs.
I have provided every relevant configuration, setting, and environment variable used in my setup.
I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
Start with the initial platform/version/OS and dependencies used,
Specify exact install/launch/configure commands,
List URLs visited, user input (incl. example values/emails/passwords if needed),
Describe all options and toggles enabled or changed,
Include any files or environmental changes,
Identify the expected and actual result at each stage,
Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

Openwebui should ignore self signed certificate errors if AIOHTTP_CLIENT_SESSION_SSL = False when making calls to the speech to text engine.

verify=AIOHTTP_CLIENT_SESSION_SSL, should be added inside the file backend/open_webui/routers/audio.py at line 752, inside this block of code

with open(file_path, 'rb') as audio_file:
                    r = requests.post(
                        url=f'{request.app.state.config.STT_OPENAI_API_BASE_URL}/audio/transcriptions',
                        headers=headers,
                        files={'file': (filename, audio_file)},
                        data=payload,
                        timeout=AIOHTTP_CLIENT_TIMEOUT,
                        verify=AIOHTTP_CLIENT_SESSION_SSL, # this one
                    )

Actual Behavior

When configuring Speech to text to OpenAI, and setting the URL to https://x.x.x.x/v1, and if the certificate is self-signed, we still have

requests.exceptions.SSLError: HTTPSConnectionPool(host='x.x.x.x', port=443): Max retries exceeded with url: /v1/audio/transcriptions (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1016)')))

The issue was mentionned in #23672 but it is still not fixed

Steps to Reproduce

Set AIOHTTP_CLIENT_SESSION_SSL = False and REQUESTS_VERIFY = False inside .env
Configure stt backend to use a self-signed certificate
Configure the connection inside Openwebui Audio STT endpoint : https://x.x.x.x/v1
Save the settings and try use the voice feature from a new conversation (mic logo, to transcript voice to text)

Logs & Screenshots

requests.exceptions.SSLError: HTTPSConnectionPool(host='x.x.x.x', port=443): Max retries exceeded with url: /v1/audio/transcriptions (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1016)')))

Additional Information

No response

Originally created by @orKL3mlz on GitHub (May 11, 2026). Original GitHub issue: https://github.com/open-webui/open-webui/issues/24568 ### Check Existing Issues - [x] I have searched for any existing and/or related issues. - [x] I have searched for any existing and/or related discussions. - [x] I have also searched in the CLOSED issues AND CLOSED discussions and found no related items (your issue might already be addressed on the development branch!). - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version 0.9.5 ### Ollama Version (if applicable) 0.23.2 ### Operating System Debian 13 ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior Openwebui should ignore self signed certificate errors if `AIOHTTP_CLIENT_SESSION_SSL = False` when making calls to the speech to text engine. `verify=AIOHTTP_CLIENT_SESSION_SSL,` should be added inside the file `backend/open_webui/routers/audio.py` at line 752, inside this block of code ``` with open(file_path, 'rb') as audio_file: r = requests.post( url=f'{request.app.state.config.STT_OPENAI_API_BASE_URL}/audio/transcriptions', headers=headers, files={'file': (filename, audio_file)}, data=payload, timeout=AIOHTTP_CLIENT_TIMEOUT, verify=AIOHTTP_CLIENT_SESSION_SSL, # this one ) ``` ### Actual Behavior When configuring Speech to text to `OpenAI`, and setting the URL to `https://x.x.x.x/v1`, and if the certificate is self-signed, we still have ``` requests.exceptions.SSLError: HTTPSConnectionPool(host='x.x.x.x', port=443): Max retries exceeded with url: /v1/audio/transcriptions (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1016)'))) ``` The issue was mentionned in #23672 but it is still not fixed ### Steps to Reproduce Set AIOHTTP_CLIENT_SESSION_SSL = False and REQUESTS_VERIFY = False inside .env Configure stt backend to use a self-signed certificate Configure the connection inside Openwebui Audio STT endpoint : https://x.x.x.x/v1 Save the settings and try use the voice feature from a new conversation (mic logo, to transcript voice to text) ### Logs & Screenshots ``` requests.exceptions.SSLError: HTTPSConnectionPool(host='x.x.x.x', port=443): Max retries exceeded with url: /v1/audio/transcriptions (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1016)'))) ``` ### Additional Information _No response_

GiteaMirror added the bug label 2026-05-13 07:48:41 -05:00

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#74942