This package patches pip and requests at runtime to use certificatesfrom the default system store (rather than the bundled certs ca).
This will allow pip to verify tls/ssl connections to servers who's certis trusted by your system install.
Simply install with:
pip install pip_system_certs
and pip should trust your https sites if your host os does.
This also extends to all direct uses of the requests library (and otherpackages that use requests)
PyInstaller
The method used to automatically enable the cert handling inrequests/pip/etc relies on a .pth
file script that python loads atstartup. This method does not work when a python application is bundledinto an executable with PyInstaller (or similar).
If you want to use this tool in an application built with PyInstaller itwill need to be manually enabled in your application.
This can be done by adding the following line to the top of your mainapplication script:
import pip_system_certs.wrapt_requests
This must be run before requests
is imported.
Acknowledgements
The method of patching at runtime is built from the autowrapt module:
version: 4.0