[Bug 230414] security/py-certifi: add option to use certificate bundle from ca_root_nss

bugzilla-noreply Mon, 06 Aug 2018 10:56:12 -0700

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230414


            Bug ID: 230414
           Summary: security/py-certifi: add option to use certificate
                    bundle from ca_root_nss
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Keywords: patch
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: pyt...@freebsd.org
          Reporter: ser...@akhmatov.ru
             Flags: maintainer-feedback?(pyt...@freebsd.org)
          Assignee: pyt...@freebsd.org

Created attachment 195946
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=195946&action=edit
py-certifi use CAs from ca_root_nss

The proposed patch adds option to use certificate bundle from
security/ca_root_nss instead of one shipped with certifi.

The idea behind this patch is to add ability to trust to some extra local CAs.
Such functionality is going to be added to ca_root_nss soon (I hope):
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=160387

I think it would be convenient to use trusted certificates from single source.

---
QA: poudriere testport with option ON and OFF builds fine

The behavior doesn't change with option OFF.
With option ON the behavior is as expected:

>>> import certifi
>>> certifi.where()
'/usr/local/etc/ssl/cert.pem'

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-python@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-python
To unsubscribe, send any mail to "freebsd-python-unsubscr...@freebsd.org"

[Bug 230414] security/py-certifi: add option to use certificate bundle from ca_root_nss

Reply via email to