Some Mari Python distributions ship with Out of Date SSL Certificates.

This problem has been observed especially on Linux CentOS.

To rectify this do one of the following 

You can tell Mari to use the default system SSL Certificate instead of its own. 

To do that set an environment variable SSL_CERT_FILE by executing the command below in a shell before you launch Mari.

• export SSL_CERT_FILE=Location of Certificate
  
  

Execute this either permanently by adding it to your environment or just when starting Mari.

Below is a list of common Certificate locations for different Linux Distributions

• "/etc/ssl/certs/ca-certificates.crt",                                Debian/Ubuntu/Mint/Gentoo etc.
• "/etc/pki/tls/certs/ca-bundle.crt",                                        Fedora/RHEL 6
• "/etc/ssl/ca-bundle.pem",                                                        OpenSUSE
• "/etc/pki/tls/cacert.pem",                                                        OpenELEC
• "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem",        CentOS/RHEL 7
• "/etc/ssl/cert.pem",                                                                Alpine Linux
  
  

So on Linux CentOS you would run 

• export SSL_CERT_FILE=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem

To do that set an environment variable:

• export PYTHONHTTPSVERIFY=0

either permanently or just when starting Mari.

If none of the above work, go to a https:// address in a browser.

Click on the 'lock' icon next to the address in the browser.

Most likely on some https:// addresses it will state 'Certificate invalid' instead of 'valid'

Click on the Certificate and you should have the option to save or 'copy to file'.

Save the certificate on linux to /etc/ssl/certs/ then use method 1) to supply the new SSL Certificate to Mari.