diff options
| author | Kyle Morton <kylemorton@google.com> | 2015-06-16 11:11:10 -0700 |
|---|---|---|
| committer | Kyle Morton <kylemorton@google.com> | 2015-06-16 11:11:10 -0700 |
| commit | c9c93af453ec332b660f70402b78ae8f269280f0 (patch) | |
| tree | 5d59fd48f25c18c550fd25a36a8deebf6a5fb094 /netlib/tcp.py | |
| parent | fe764cde5229046b8447062971c61fac745d2d58 (diff) | |
| download | mitmproxy-c9c93af453ec332b660f70402b78ae8f269280f0.tar.gz mitmproxy-c9c93af453ec332b660f70402b78ae8f269280f0.tar.bz2 mitmproxy-c9c93af453ec332b660f70402b78ae8f269280f0.zip | |
Adding certifi as default CA bundle.
Diffstat (limited to 'netlib/tcp.py')
| -rw-r--r-- | netlib/tcp.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py index ca948514..b523bea4 100644 --- a/netlib/tcp.py +++ b/netlib/tcp.py @@ -7,6 +7,7 @@ import threading import time import traceback +import certifi import OpenSSL from OpenSSL import SSL @@ -373,7 +374,7 @@ class _Connection(object): method=SSLv23_METHOD, options=(OP_NO_SSLv2 | OP_NO_SSLv3), verify_options=VERIFY_NONE, - ca_path=None, + ca_path=certifi.where(), ca_pemfile=None, cipher_list=None, alpn_protos=None, @@ -403,8 +404,7 @@ class _Connection(object): (err_depth, errno)) context.set_verify(verify_options, verify_cert) - if ca_path is not None or ca_pemfile is not None: - context.load_verify_locations(ca_pemfile, ca_path) + context.load_verify_locations(ca_pemfile, ca_path) # Workaround for # https://github.com/pyca/pyopenssl/issues/190 |