- Allow the use of teh system default certificates by not installing the

supplied cacert.pem file + This allows distributions to package websocket without having to ship/maintain the cacert.pem file that is part of this source tree and use the distribution configured certs
author: Robert Schweikert <rjschwei@suse.com> 2014-06-05 11:44:28 -0400
committer: Robert Schweikert <rjschwei@suse.com> 2014-06-05 11:44:28 -0400
commit: 97923c73a365debc31c5dead5074b32d2bad0483 (patch)
tree: 57601aacb30be9a7bafd0f0392e5ac531abbb048
parent: 22f92961d45862bbb279ba792e62b1b63c3f0ccc (diff)
download: websocket-client-97923c73a365debc31c5dead5074b32d2bad0483.tar.gz
1 files changed, 6 insertions, 2 deletions
diff --git a/websocket/_core.py b/websocket/_core.py
index 87bca4b..1fa1613 100644
--- a/websocket/_core.py
+++ b/websocket/_core.py
@@ -419,8 +419,12 @@ class WebSocket(object):
 
         if is_secure:
             if HAVE_SSL:
-                sslopt = dict(cert_reqs=ssl.CERT_REQUIRED,
-                              ca_certs=os.path.join(os.path.dirname(__file__), "cacert.pem"))
+                sslopt = dict(cert_reqs=ssl.CERT_REQUIRED)
+                certPath = os.path.join(
+                    os.path.dirname(__file__), "cacert.pem")
+                )
+                if os.path.isfile(certPath):
+                    sslopt['ca_certs'] = certPath
                 sslopt.update(self.sslopt)
                 self.sock = ssl.wrap_socket(self.sock, **sslopt)
                 match_hostname(self.sock.getpeercert(), hostname)
author	Robert Schweikert <rjschwei@suse.com>	2014-06-05 11:44:28 -0400
committer	Robert Schweikert <rjschwei@suse.com>	2014-06-05 11:44:28 -0400
commit	97923c73a365debc31c5dead5074b32d2bad0483 (patch)
tree	57601aacb30be9a7bafd0f0392e5ac531abbb048
parent	22f92961d45862bbb279ba792e62b1b63c3f0ccc (diff)
download	websocket-client-97923c73a365debc31c5dead5074b32d2bad0483.tar.gz