From 97923c73a365debc31c5dead5074b32d2bad0483 Mon Sep 17 00:00:00 2001 From: Robert Schweikert Date: Thu, 5 Jun 2014 11:44:28 -0400 Subject: [PATCH] - Allow the use of teh system default certificates by not installing the supplied cacert.pem file + This allows distributions to package websocket without having to ship/maintain the cacert.pem file that is part of this source tree and use the distribution configured certs --- websocket/_core.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/websocket/_core.py b/websocket/_core.py index 87bca4b..1fa1613 100644 --- a/websocket/_core.py +++ b/websocket/_core.py @@ -419,8 +419,12 @@ class WebSocket(object): if is_secure: if HAVE_SSL: - sslopt = dict(cert_reqs=ssl.CERT_REQUIRED, - ca_certs=os.path.join(os.path.dirname(__file__), "cacert.pem")) + sslopt = dict(cert_reqs=ssl.CERT_REQUIRED) + certPath = os.path.join( + os.path.dirname(__file__), "cacert.pem") + ) + if os.path.isfile(certPath): + sslopt['ca_certs'] = certPath sslopt.update(self.sslopt) self.sock = ssl.wrap_socket(self.sock, **sslopt) match_hostname(self.sock.getpeercert(), hostname)