Replies: 1 comment
-
|
The python-certifi-win32 package is a nice workaround for windows. EDIT: Turns out https://pypi.org/project/pip-system-certs/ is the replacement, and based on the name at least it might be cross-platform |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
When using OIDC it's generally expected that resources will be protected by SSL/TLS. Frequently these resources will have either self-signed certificates, or certificates signed by a corporate/internal authority.
At the moment we expose a
cert_bundle_pathoption in ourConfigurationclass, which allows the use of self-signed certificates. Providing this, however, overrides all normally trusted certificates, meaning that frequently the Identity Provider becomes untrusted as far as the library is concerned.As a workaround I have been reading the
certifibundle into memory, appending our self-signed certificate, then writing the new bundle out. We could do this to a temporary file somewhere. We could also investigate whether we can provided anIOBaseobject to requests/urllib?Beta Was this translation helpful? Give feedback.
All reactions