diff options
author | Oleg Pudeyev <oleg@bsdpower.com> | 2016-01-15 01:51:49 -0500 |
---|---|---|
committer | Oleg Pudeyev <oleg@bsdpower.com> | 2016-01-15 01:51:49 -0500 |
commit | 63382fb06967070bac312d18389852baf3b5c51a (patch) | |
tree | 83dd68bc0ef1121f2b69770e18a894a389d18bce /INSTALL.rst | |
parent | e06a6dc378b747a8292e11eabc2c4cb513753973 (diff) | |
download | pycurl-63382fb06967070bac312d18389852baf3b5c51a.tar.gz |
Document certificate bundle situation, closes #355
Diffstat (limited to 'INSTALL.rst')
-rw-r--r-- | INSTALL.rst | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/INSTALL.rst b/INSTALL.rst index f566496..311c98e 100644 --- a/INSTALL.rst +++ b/INSTALL.rst @@ -311,3 +311,19 @@ backend, you can try rebuilding libcurl and PycURL against another SSL backend. .. _reported: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=515200 .. _problems: https://bugs.launchpad.net/ubuntu/+source/pycurl/+bug/1111673 + + +SSL Certificate Bundle +---------------------- + +libcurl, and PycURL, by default verify validity of HTTPS servers' SSL +certificates. Doing so requires a CA certificate bundle, which libcurl +and most SSL libraries do not provide. + +Here_ is a good resource on how to build your own certificate bundle. +certifie.com also has a `prebuilt certificate bundle`_. +To use the certificate bundle, use ``CAINFO`` or ``CAPPATH`` PycURL +options. + +.. _Here: http://certifie.com/ca-bundle/ +.. _prebuilt certificate bundle: http://certifie.com/ca-bundle/ca-bundle.crt.txt |