Closed staylorx closed 7 years ago
Hi, thanks for your PR.
Sadly I cannot accept a PR that under the hood compromises the security of the user. Please consider setting the environment variable REQUESTS_CA_BUNDLE
to specify your custom made certification authority so that you certificate is valid, or consider implementing the workflow as explained in #10
Thanks.
This is an answer to #10 . It's regrettably simple but since this never called HTTPS endpoints before, verifying a non-TLS call should not impact anyone?
This will enable HTTPS calls -- it will throw a warning so it's slippery slope to creating tlsverify, tlscert, or tlskey args. Then the question is to add it to the CLI or not. I'm currently only interested in the Sphinx directives but I can see a world where the CLI might be handy too.