Date: Mon, 06 Aug 2018 17:55:32 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 230414] security/py-certifi: add option to use certificate bundle from ca_root_nss Message-ID: <bug-230414-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230414 Bug ID: 230414 Summary: security/py-certifi: add option to use certificate bundle from ca_root_nss Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: patch Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: python@FreeBSD.org Reporter: sergey@akhmatov.ru Flags: maintainer-feedback?(python@FreeBSD.org) Assignee: python@FreeBSD.org Created attachment 195946 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D195946&action= =3Dedit py-certifi use CAs from ca_root_nss The proposed patch adds option to use certificate bundle from security/ca_root_nss instead of one shipped with certifi. The idea behind this patch is to add ability to trust to some extra local C= As. Such functionality is going to be added to ca_root_nss soon (I hope): https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D160387 I think it would be convenient to use trusted certificates from single sour= ce. --- QA: poudriere testport with option ON and OFF builds fine The behavior doesn't change with option OFF. With option ON the behavior is as expected: >>> import certifi >>> certifi.where() '/usr/local/etc/ssl/cert.pem' --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-230414-7788>