Adding certifi as default CA bundle.

This commit is contained in:
Kyle Morton 2015-06-16 11:11:10 -07:00
parent fe764cde52
commit c9c93af453
2 changed files with 5 additions and 4 deletions

View File

@ -7,6 +7,7 @@ import threading
import time import time
import traceback import traceback
import certifi
import OpenSSL import OpenSSL
from OpenSSL import SSL from OpenSSL import SSL
@ -373,7 +374,7 @@ class _Connection(object):
method=SSLv23_METHOD, method=SSLv23_METHOD,
options=(OP_NO_SSLv2 | OP_NO_SSLv3), options=(OP_NO_SSLv2 | OP_NO_SSLv3),
verify_options=VERIFY_NONE, verify_options=VERIFY_NONE,
ca_path=None, ca_path=certifi.where(),
ca_pemfile=None, ca_pemfile=None,
cipher_list=None, cipher_list=None,
alpn_protos=None, alpn_protos=None,
@ -403,8 +404,7 @@ class _Connection(object):
(err_depth, errno)) (err_depth, errno))
context.set_verify(verify_options, verify_cert) context.set_verify(verify_options, verify_cert)
if ca_path is not None or ca_pemfile is not None: context.load_verify_locations(ca_pemfile, ca_path)
context.load_verify_locations(ca_pemfile, ca_path)
# Workaround for # Workaround for
# https://github.com/pyca/pyopenssl/issues/190 # https://github.com/pyca/pyopenssl/issues/190

View File

@ -66,7 +66,8 @@ setup(
"pyOpenSSL>=0.15.1", "pyOpenSSL>=0.15.1",
"cryptography>=0.9", "cryptography>=0.9",
"passlib>=1.6.2", "passlib>=1.6.2",
"hpack>=1.0.1"], "hpack>=1.0.1",
"certifi"],
setup_requires=[ setup_requires=[
"cffi", "cffi",
"pyOpenSSL>=0.15.1", "pyOpenSSL>=0.15.1",