Use custom TLS certificate if provided
Since `urllib3` uses `certifi` as the certificate provider [1], if the users enable TLS with a custom certificate, the `Service.do_get` method will not be able to verify the custom certificate. According to the documentation [1], we need to add `cert_reqs` and `ca_certs` to the `urllib3.PoolManager` when a custom certificate is used. [1] https://urllib3.readthedocs.io/en/latest/advanced-usage.html#custom-tls-certificates Story: #2011168 Task: #50514 Change-Id: I75857cf0d0d37254180aa3ae2305e16610c9fab4
This commit is contained in:
parent
b6d2581444
commit
f30afbb1bc
@ -59,6 +59,10 @@ class Service(object):
|
||||
if self.disable_ssl_validation:
|
||||
urllib3.disable_warnings()
|
||||
http = urllib3.PoolManager(cert_reqs='CERT_NONE')
|
||||
elif self.ca_certs is not None:
|
||||
http = urllib3.PoolManager(
|
||||
cert_reqs='REQUIRED', ca_certs=self.ca_certs
|
||||
)
|
||||
else:
|
||||
http = urllib3.PoolManager()
|
||||
r = http.request('GET', url, headers=self.headers)
|
||||
|
Loading…
x
Reference in New Issue
Block a user