Date: Mon, 06 Aug 2018 17:55:32 +0000 From: bugzilla-noreply@freebsd.org To: python@FreeBSD.org Subject: maintainer-feedback requested: [Bug 230414] security/py-certifi: add option to use certificate bundle from ca_root_nss Message-ID: <bug-230414-21822-YJNBJls8jU@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-230414-21822@https.bugs.freebsd.org/bugzilla/> References: <bug-230414-21822@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
Bugzilla Automation <bugzilla@FreeBSD.org> has asked freebsd-python mailing list <python@FreeBSD.org> for maintainer-feedback: Bug 230414: security/py-certifi: add option to use certificate bundle from ca_root_nss https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230414 --- Description --- The proposed patch adds option to use certificate bundle from security/ca_root_nss instead of one shipped with certifi. The idea behind this patch is to add ability to trust to some extra local CAs. Such functionality is going to be added to ca_root_nss soon (I hope): https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=160387 I think it would be convenient to use trusted certificates from single source. --- QA: poudriere testport with option ON and OFF builds fine The behavior doesn't change with option OFF. With option ON the behavior is as expected: >>> import certifi >>> certifi.where() '/usr/local/etc/ssl/cert.pem'help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-230414-21822-YJNBJls8jU>