-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Possibility to register truststore more globally #75
Comments
For this you mean a way to patch the |
Yeah, I have no idea if that is possible from |
I would like to second that this would be highly valuable. I don't know how the approach of |
This would be really important. Being able to just install truststore and having all third-party code work would be so important. |
Author of I use The hooking mechanism is a bit of a pain though and can break in weird and wonderful ways, eg. After installing pip-system-certs if wrapt is uninstalled it used to break pip completely! That being said, I'm pretty keen to rework pip-system-certs to use truststore though, might look for a cleaner way to patch it in based on #85 |
Ah, I only just properly reviewed how neat and thorough the existing global registration is!
Is delightfully clean, though obviously only really works for code you own, not "fixing" other python apps to use your system certs. The system I use to deal with this is The long and short of it though, you can create a How would you feel about a package extras that includes such a pth fine that perhaps just runs those two above lines? I'm not sure if a more complex autowrapt hooking the import of urllib or other related libraries is really worth it, though there might be some benefit. |
@andrewleech The current method should work for most code you don't own as long as it's called early enough in the program's life, most libraries don't create SSLContexts in the global scope (unless you're aware of some that do? Lmk) |
Hi @sethmlarson I'm referring more to it not working for third party python applications, eg. I just mean you currently need to own at least the top level python script to run the truststore function before running/importing other code. |
This is more a question/discussion than an issue.
I'm using a lot of Python libraries, which build on
urllib3
,aiohttp
orrequests
. In seldom cases, I am able to get the pool manager or SSL context to inject truststore's context into it.Is there an option to inject truststore more globally, so that dependent libraries use it?
Here are some examples:
urllib3
andrequests
for testsurllib3
The text was updated successfully, but these errors were encountered: