CA cert file is barebones and misses a lot of popular CAs

eshad / httplib2

Automatically exported from code.google.com/p/httplib2

0 stars 0 forks source link

CA cert file is barebones and misses a lot of popular CAs #170

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

May I suggest Curl's CA cert file? 

http://curl.haxx.se/ca/cacert.pem

It is generated from mozilla's database. You can also generate it yourself with 
a script (see https://github.com/bagder/curl/blob/master/lib/firefox-db2pem.sh)

Thanks!

Original issue reported on code.google.com by micolog...@gmail.com on 29 Aug 2011 at 7:42

GoogleCodeExporter commented 9 years ago

https://bitbucket.org/jaraco/httplib2/changesets/tip/branch(%22issue%20170%22) 
and currently under discussion at http://codereview-hr.appspot.com/5323075/

Original comment by jar...@jaraco.com on 1 Dec 2011 at 9:20

GoogleCodeExporter commented 9 years ago

You can provide your own ca cert file to httplib2.  For example, install the 
'certifi' package from pypi and then create the client with 
httplib2.Http(ca_certs=certifi.where()).  And if the construction of the Http 
object is not under your direct control (e.g. using oauth2), you can also set 
client.ca_certs = certifi.where() before any requests are made.

Original comment by dave@brondsema.net on 1 May 2012 at 3:53

GoogleCodeExporter commented 9 years ago

Why not use the system ca certificate store?
That is what web browsers and most other SSL/TLS supporting software uses.

Original comment by saiv...@gmail.com on 4 Sep 2013 at 3:18

GoogleCodeExporter commented 9 years ago

I vote +1 on this (if it matters)

Original comment by cla...@safaribooksonline.com on 4 Sep 2013 at 8:54

GoogleCodeExporter commented 9 years ago

Original comment by joe.gregorio@gmail.com on 13 Oct 2013 at 3:10

Changed state: Closed