This is due to Python beginning to apply certificate verification by default for stdlib http clients.

A great explanation of the rationale of the change can be found in this Redhat article. There's also information regarding how to control and troubleshoot this new situation.

Both previous references explain how to avoid certificate verification in single connections (which is not a solution for feedparser users):

• PEP-476 - Opting out

import ssl

# This restores the same behavior as before.
context = ssl._create_unverified_context()
urllib.urlopen("https://no-valid-cert", context=context)

• RedHat - Modifying Python programs to control certificate verification

Currently, feedparser users can only avoid certificate verification by monkeypatching, which is highly discouraged as it affects the whole application.

The code to change the behavior application-wide would be as follows (code taken from PEP-476):

import ssl

try:
    _create_unverified_https_context = ssl._create_unverified_context
except AttributeError:
    # Legacy Python that doesn't verify HTTPS certificates by default
    pass
else:
    # Handle target environment that doesn't support HTTPS verification
    ssl._create_default_https_context = _create_unverified_https_context

There is an issue on the feedparser tracker about this: How to fix SSL: CERTIFICATE_VERIFY_FAILED?.

Thanks you cmidi for the answer, which was to 'monkey patch' using ssl._create_default_https_context = ssl._create_unverified_context

import feedparser
import ssl
if hasattr(ssl, '_create_unverified_context'):
    ssl._create_default_https_context = ssl._create_unverified_context
feed = feedparser.parse(rss) #<<WORKS!!