30 Jan
2017
30 Jan
'17
9:28 p.m.
On 2017-01-30 22:19, David Cournapeau wrote:
Hm. Is this documented anywhere ? We have customers needing "private/custom" certificates, and I am unsure where to look for.
For full control it is advised to use a custom SSLContext that only loads the internal CA. https://docs.python.org/3/library/ssl.html#ssl.create_default_context With OpenSSL you can also set SSL_CERT_FILE and SSL_CERT_DIR env vars. It doesn't work with LibreSSL, though. import os, ssl os.environ['SSL_CERT_FILE'] = '/path/to/internalca.pem' os.environ['SSL_CERT_DIR'] = os.devnull ctx = ssl.create_default_context() Christian