Closed onitake closed 1 year ago
I've solved this issue by assigning the CA bundle directly to the session object:
conn = connector.Connector({"host": host,"username": username,"password": password})
conn.session.verify = ca_bundle_file
But this seems a bit hackish. It would be better if the connector constructor supported this out of the box, by accepting a boolean or a string for the ssl_verify
parameter.
Closing the issue, as it is solved already.
The requests library supports True, False or a string value for the
verify
parameter in HTTPS requests, or the Session object: https://requests.readthedocs.io/en/latest/user/advanced/#ssl-cert-verificationWith the way the
ssl_verify
connection parameter is processed in the infoxblox-client module, it's not possible to pass a bundle path. Only stringified boolean values are supported.Due to this limitation, it's only possible to support custom CA bundles through the
REQUESTS_CA_BUNDLE
environment variable, which will affect all HTTPS requests made with the requests module. This can be a problem in cases, where different CA certificates must be used for certificate validation in an application that interacts with different systems.