diff options
author | Robert Schweikert <rjschwei@suse.com> | 2014-06-05 11:44:28 -0400 |
---|---|---|
committer | Robert Schweikert <rjschwei@suse.com> | 2014-06-05 11:44:28 -0400 |
commit | 97923c73a365debc31c5dead5074b32d2bad0483 (patch) | |
tree | 57601aacb30be9a7bafd0f0392e5ac531abbb048 | |
parent | 22f92961d45862bbb279ba792e62b1b63c3f0ccc (diff) | |
download | websocket-client-97923c73a365debc31c5dead5074b32d2bad0483.tar.gz |
- Allow the use of teh system default certificates by not installing the
supplied cacert.pem file
+ This allows distributions to package websocket without having to
ship/maintain the cacert.pem file that is part of this source tree
and use the distribution configured certs
-rw-r--r-- | websocket/_core.py | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/websocket/_core.py b/websocket/_core.py index 87bca4b..1fa1613 100644 --- a/websocket/_core.py +++ b/websocket/_core.py @@ -419,8 +419,12 @@ class WebSocket(object): if is_secure: if HAVE_SSL: - sslopt = dict(cert_reqs=ssl.CERT_REQUIRED, - ca_certs=os.path.join(os.path.dirname(__file__), "cacert.pem")) + sslopt = dict(cert_reqs=ssl.CERT_REQUIRED) + certPath = os.path.join( + os.path.dirname(__file__), "cacert.pem") + ) + if os.path.isfile(certPath): + sslopt['ca_certs'] = certPath sslopt.update(self.sslopt) self.sock = ssl.wrap_socket(self.sock, **sslopt) match_hostname(self.sock.getpeercert(), hostname) |