maintainer-feedback requested: [Bug 230414] security/py-certifi: add option to use certificate bundle from ca_root_nss
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Aug 6 17:55:34 UTC 2018
Bugzilla Automation <bugzilla at FreeBSD.org> has asked freebsd-python mailing
list <python at FreeBSD.org> for maintainer-feedback:
Bug 230414: security/py-certifi: add option to use certificate bundle from
ca_root_nss
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230414
--- Description ---
The proposed patch adds option to use certificate bundle from
security/ca_root_nss instead of one shipped with certifi.
The idea behind this patch is to add ability to trust to some extra local CAs.
Such functionality is going to be added to ca_root_nss soon (I hope):
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=160387
I think it would be convenient to use trusted certificates from single source.
---
QA: poudriere testport with option ON and OFF builds fine
The behavior doesn't change with option OFF.
With option ON the behavior is as expected:
>>> import certifi
>>> certifi.where()
'/usr/local/etc/ssl/cert.pem'
More information about the freebsd-python
mailing list