On Aug 29, 2014, at 4:00 PM, "M.-A. Lemburg" email@example.com wrote:
choice of trusted certificate:
Instead of hard wiring using the system CA roots into Python it would be good to just make this default and permit the user to point Python to a different set of CA roots.
This would enable using self signed certs more easily. Since these are often used for tests, demos and education, I think it's important to allow having more control of the trusted certs.
If I recall OpenSSL already allows this to be configured via envvar and the python API already allows it to be configured via API.