certifi

Python package for providing Mozilla's CA Bundle.

Project description

Certifi is a carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. It has been extracted from the Requests project.

Installation

certifi is available on PyPI. Simply install it with pip:

$ pip install certifi

Usage

To reference the installed certificate authority (CA) bundle, you can use the built-in function:

>>> import certifi

>>> certifi.where()
'/usr/local/lib/python2.7/site-packages/certifi/cacert.pem'

Enjoy!

1024-bit Root Certificates

Browsers and certificate authorities have concluded that 1024-bit keys are unacceptably weak for certificates, particularly root certificates. For this reason, Mozilla has removed any weak (i.e. 1024-bit key) certificate from its bundle, replacing it with an equivalent strong (i.e. 2048-bit or greater key) certificate from the same CA. Because Mozilla removed these certificates from its bundle, certifi removed them as well.

Unfortunately, old versions of OpenSSL (less than 1.0.2) sometimes fail to validate certificate chains that use the strong roots. For this reason, if you fail to validate a certificate using the certifi.where() mechanism, you can intentionally re-add the 1024-bit roots back into your bundle by calling certifi.old_where() instead. This is not recommended in production: if at all possible you should upgrade to a newer OpenSSL. However, if you have no other option, this may work for you.

Project details

Release history Release notifications | RSS feed

2021.10.8

Oct 8, 2021

2021.5.30

May 30, 2021

2020.12.5

Dec 5, 2020

2020.11.8

Nov 8, 2020

2020.6.20

Jun 20, 2020

2020.4.5.2

Jun 7, 2020

2020.4.5.1

Apr 5, 2020

2020.4.5

Apr 5, 2020

2019.11.28

Nov 28, 2019

2019.9.11

Sep 11, 2019

2019.6.16

Jun 16, 2019

2019.3.9

Mar 9, 2019

2018.11.29

Nov 29, 2018

2018.10.15

Oct 15, 2018

2018.8.24

Aug 24, 2018

2018.8.13

Aug 13, 2018

2018.4.16

Apr 16, 2018

2018.1.18

Jan 18, 2018

2017.11.5

Nov 5, 2017

2017.7.27.1

Jul 27, 2017

2017.7.27

Jul 27, 2017

2017.4.17

Apr 17, 2017

2017.1.23

Jan 23, 2017

2016.9.26

Sep 26, 2016

2016.8.31

Aug 31, 2016

2016.8.8

Aug 8, 2016

2016.8.2

Aug 2, 2016

This version

2016.2.28

Feb 28, 2016

2015.11.20.1

Nov 30, 2015

2015.11.20

Nov 20, 2015

2015.9.6.2

Sep 7, 2015

2015.9.6.1

Sep 6, 2015

2015.9.6

Sep 6, 2015

2015.04.28

Apr 28, 2015

14.05.14

May 18, 2014

1.0.1

Mar 10, 2014

1.0.0

Jan 17, 2014

0.0.8

Jan 30, 2012

0.0.7

Jan 23, 2012

0.0.6

Dec 28, 2011

0.0.5

Dec 28, 2011

0.0.4

Dec 28, 2011

0.0.3

Dec 28, 2011

0.0.2

Dec 28, 2011

0.0.1

Dec 28, 2011

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for certifi, version 2016.2.28
Filename, size	File type	Python version	Upload date	Hashes
Filename, size certifi-2016.2.28.tar.gz (364.0 kB)	File type Source	Python version None	Upload date Feb 28, 2016	Hashes View
Filename, size certifi-2016.2.28-py2.py3-none-any.whl (366.9 kB)	File type Wheel	Python version 2.7	Upload date Feb 28, 2016	Hashes View

Hashes for certifi-2016.2.28.tar.gz

Hashes for certifi-2016.2.28.tar.gz
Algorithm	Hash digest
SHA256	`5e8eccf95924658c97b990b50552addb64f55e1e3dfe4880456ac1f287dc79d0`
MD5	`5d672aa766e1f773c75cfeccd02d3650`
BLAKE2-256	`5cf8f6c54727c74579c6bbe5926f5deb9677c5810a33e11da58d1a4e2d09d041`

Hashes for certifi-2016.2.28-py2.py3-none-any.whl

Hashes for certifi-2016.2.28-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`75c33d546e0a732a4606749cbadcd81929f30d8b814061ca93cde49933dbb860`
MD5	`409448ee124f3159d912e4e155b034b0`
BLAKE2-256	`db601ed0106bde7b14b363b15b17cc308aad93ba57d3582570f3ad7180ae0fae`