Truststore#
Verify certificates using OS trust stores. Supports macOS, Windows, and Linux (with OpenSSL).
Warning
This project should be considered experimental so shouldn’t be used in production.
Platforms#
Requires Python 3.10 or later
Supports macOS 10.8+ via Security framework
Supports Windows via CryptoAPI
Supports Linux via OpenSSL
Usage#
The truststore
module has a single API: truststore.SSLContext
import truststore
ctx = truststore.SSLContext()
This SSLContext
works the same as an ssl.SSLContext
.
You can use it anywhere you would use an ssl.SSLContext
and
system trust stores are automatically used to verify peer certificates:
import urllib3
http = urllib3.PoolManager(ssl_context=ctx)
http.request("GET", "https://example.com")
Supports wrapping socket.socket
and ssl.MemoryBIO
so
works with both synchronous and asynchronous I/O:
import aiohttp
http = aiohttp.ClientSession(ssl=ctx)
await http.request("GET", "https://example.com")
Prior art#
License#
MIT