giteapy icon indicating copy to clipboard operation
giteapy copied to clipboard

Published 20 hours ago verified publisher icon dblueai

Use REQUESTS_CA_BUNDLE when set

Open nicoulaj opened this issue 5 years ago • 2 comments

What do you think of using the value of environment variable REQUESTS_CA_BUNDLE for Configuration.ssl_ca_cert by default ?

This is the variable used by urllib, but since giteapy uses its configured value, the variable is not used.

nicoulaj avatar Jan 27 '20 18:01 nicoulaj

+1 This is breaking SSL for me currently, because it is not using my custom CA

mikeperalta1 avatar Aug 12 '23 10:08 mikeperalta1

Just a quick update. The solution seemed to be a fairly simple hack to change what the certifi library considers your CA bundle. Since it defaults to its own local version inside a venv, I just had to manually point it to my system's bundle. Here's a method I just added to my own personal project just so you can see what I mean:


# Up top with all the other imports
import certifi

# Snippet method from a class not shown here
	def set_ca_bundle(self, bundle_path: str):
		
		self.__logger.info("Setting certificate bundle path")
		
		# Hacky but oh well
		self.__logger.info(f"Old path: {certifi.where()}")
		certifi.core._CACERT_PATH = bundle_path
		self.__logger.info(f"New path: {certifi.where()}")

mikeperalta1 avatar Aug 12 '23 11:08 mikeperalta1