requests library
:ID: 31274871-1e89-4fc5-8015-6c2fce728333
Summary #
module to do HTTP communication.
Setting custom SSL certificate fc #
| position | ease | box | interval | due |
|---|---|---|---|---|
| front | 2.5 | 0 | 0 | 2021-09-29T17:07:02Z |
When using the directly #
https://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
- using verify=False
requests.get('https://requestb.in', verify=False)
- verify=path/to/ca/bundle or directory that contains CA files
requests.get('https://requestb.in', verify="path/to/ca/bundle")
- REQUESTS_CA_BUNDLE env variable
export REQUESTS_CA_BUNDLE=/path/to/ca/bundle
When requests is used by third party package or dependencies #
import requests
import certifi
import sys
try:
requests.get('https://any-website-protected-by-your-custom-root-ca')
print('Certificate already added to the certifi store')
sys.exit(0)
except requests.exceptions.SSLError as err:
print('SSL Error. Adding custom certs to Certifi store...')
customca = requests.get('http://place-to-download-your-root-ca-pem.file').content
cafile = certifi.where()
with open(cafile, 'ab') as outfile:
outfile.write(b'\n')
outfile.write(customca)
try:
requests.get('https://any-website-protected-by-your-custom-root-ca-to-validate-the-certificate')
print('Successfully added certificate to the certifi store')
sys.exit(0)
except requests.exceptions.SSLError as err:
print('Failed to add certificate to the certifi store')
sys.exit(1)
SSL Certificate paths #
It uses certifi for trusted CA root certificates. Certifi provides Mozilla’s carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts . It has been extracted from the Requests project.
import requests
requests.certs.where()
#or
cafile = certifi.where()
Gives the path which requests library uses to use SSL CA certificates.