Truststore#

Verify certificates using OS trust stores. Supports macOS, Windows, and Linux (with OpenSSL).

Warning

This project should be considered experimental so shouldn’t be used in production.

Platforms#

Usage#

The truststore module has a single API: truststore.SSLContext

   import truststore

   ctx = truststore.SSLContext()

This SSLContext works the same as an ssl.SSLContext. You can use it anywhere you would use an ssl.SSLContext and system trust stores are automatically used to verify peer certificates:

   import urllib3

   http = urllib3.PoolManager(ssl_context=ctx)
   http.request("GET", "https://example.com")

Supports wrapping socket.socket and ssl.MemoryBIO so works with both synchronous and asynchronous I/O:

   import aiohttp

   http = aiohttp.ClientSession(ssl=ctx)
   await http.request("GET", "https://example.com")

Prior art#

License#

MIT