verify=True
to validate the certificate.33
34def fetch_version(request):
35 """Fetch verison of bgmi."""
36 version = requests.get(37 "https://pypi.python.org/pypi/bgmi/json", verify=False
38 ).json()["info"]["version"]
39 return version
ssl._create_default_https_context
, which has certificate validation enabled by default105
106
107def tar_something():
108 context = ssl._create_stdlib_context()109 os.tempnam("dir1")
110 subprocess.Popen("/bin/chown *", shell=True)
111 o.system("/bin/tar xvzf *")
It is recommended to validate server certificate during SSL/TLS sessions to protect it from man-in-the-middle attacks.
The certificate chain validation takes care of the following things:
import ssl
context = ssl.create_default_context()
ctx3.verify_mode = ssl.CERT_NONE # Setting this won't verify the certificate
import ssl
context = ssl.create_default_context()
ctx3.verify_mode = ssl.CERT_REQUIRED