Replies: 1 comment
-
|
The python-certifi-win32 package is a nice workaround for windows. EDIT: Turns out https://pypi.org/project/pip-system-certs/ is the replacement, and based on the name at least it might be cross-platform |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
When using OIDC it's generally expected that resources will be protected by SSL/TLS. Frequently these resources will have either self-signed certificates, or certificates signed by a corporate/internal authority.
At the moment we expose a
cert_bundle_pathoption in ourConfigurationclass, which allows the use of self-signed certificates. Providing this, however, overrides all normally trusted certificates, meaning that frequently the Identity Provider becomes untrusted as far as the library is concerned.As a workaround I have been reading the
certifibundle into memory, appending our self-signed certificate, then writing the new bundle out. We could do this to a temporary file somewhere. We could also investigate whether we can provided anIOBaseobject to requests/urllib?Beta Was this translation helpful? Give feedback.
All reactions