aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--netlib/tcp.py6
-rw-r--r--setup.py3
2 files changed, 5 insertions, 4 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py
index ca948514..b523bea4 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -7,6 +7,7 @@ import threading
import time
import traceback
+import certifi
import OpenSSL
from OpenSSL import SSL
@@ -373,7 +374,7 @@ class _Connection(object):
method=SSLv23_METHOD,
options=(OP_NO_SSLv2 | OP_NO_SSLv3),
verify_options=VERIFY_NONE,
- ca_path=None,
+ ca_path=certifi.where(),
ca_pemfile=None,
cipher_list=None,
alpn_protos=None,
@@ -403,8 +404,7 @@ class _Connection(object):
(err_depth, errno))
context.set_verify(verify_options, verify_cert)
- if ca_path is not None or ca_pemfile is not None:
- context.load_verify_locations(ca_pemfile, ca_path)
+ context.load_verify_locations(ca_pemfile, ca_path)
# Workaround for
# https://github.com/pyca/pyopenssl/issues/190
diff --git a/setup.py b/setup.py
index 0051ea77..aa27cd90 100644
--- a/setup.py
+++ b/setup.py
@@ -66,7 +66,8 @@ setup(
"pyOpenSSL>=0.15.1",
"cryptography>=0.9",
"passlib>=1.6.2",
- "hpack>=1.0.1"],
+ "hpack>=1.0.1",
+ "certifi"],
setup_requires=[
"cffi",
"pyOpenSSL>=0.15.1",
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-31 20:58:04 +0000