In some cases users may need to access some site in a company private network, with SSL certificate signed by custom root certificate (not public). Accessing this site using browser is working fine if user added this root certificate to system cert store. But requests will complain that certificate cannot be verified, and user have to pass this root certificate to session.verify = '/path/to/cert.pem" or by passing the same path to REQUESTS_CA_BUNDLE env variable. IMHO, this is redundant step which introduces more headache than solves anything.
certifi has MPL 2.0 license which may be considered as copyleft, and prohibited to use by legals. Not all of users know that MPL 2.0 license is file-based, and license actually cannot "spread" to packages which depend on it.
Is is possible to introduce pip install requests[certifi] for installing certifi explicitly, and remove if from default installation?
sigmavirus24
commented
2 months ago
session.verify = '/path/to/cert.pem"or by passing the same path toREQUESTS_CA_BUNDLEenv variable. IMHO, this is redundant step which introduces more headache than solves anything.certifihas MPL 2.0 license which may be considered as copyleft, and prohibited to use by legals. Not all of users know that MPL 2.0 license is file-based, and license actually cannot "spread" to packages which depend on it.Is is possible to introduce
pip install requests[certifi]for installing certifi explicitly, and remove if from default installation?