Python package for providing Mozilla's CA Bundle.

Navigation

Project links

Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: ISC

Author: Kenneth Reitz

Maintainers

Avatar for alexgaynor from gravatar.com alexgaynor Avatar for Lukasa from gravatar.com Lukasa

Classifiers

Project description

Certifi is a carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. It has been extracted from the Requests project.

Installation

certifi is available on PyPI. Simply install it with pip:

$ pip install certifi

Usage

To reference the installed certificate authority (CA) bundle, you can use the built-in function:

>>> import certifi

>>> certifi.where()
'/usr/local/lib/python2.7/site-packages/certifi/cacert.pem'

Enjoy!

1024-bit Root Certificates

Browsers and certificate authorities have concluded that 1024-bit keys are unacceptably weak for certificates, particularly root certificates. For this reason, Mozilla has removed any weak (i.e. 1024-bit key) certificate from its bundle, replacing it with an equivalent strong (i.e. 2048-bit or greater key) certificate from the same CA. Because Mozilla removed these certificates from its bundle, certifi removed them as well.

Unfortunately, old versions of OpenSSL (less than 1.0.2) sometimes fail to validate certificate chains that use the strong roots. For this reason, if you fail to validate a certificate using the certifi.where() mechanism, you can intentionally re-add the 1024-bit roots back into your bundle by calling certifi.old_where() instead. This is not recommended in production: if at all possible you should upgrade to a newer OpenSSL. However, if you have no other option, this may work for you.

Project details

Project links

Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: ISC

Author: Kenneth Reitz

Maintainers

Avatar for alexgaynor from gravatar.com alexgaynor Avatar for Lukasa from gravatar.com Lukasa

Classifiers


Release history Release notifications | RSS feed

2021.10.8

2021.5.30

2020.12.5

2020.11.8

2020.6.20

2020.4.5.2

2020.4.5.1

2020.4.5

2019.11.28

2019.9.11

2019.6.16

2019.3.9

2018.11.29

2018.10.15

2018.8.24

2018.8.13

2018.4.16

2018.1.18

2017.11.5

2017.7.27.1

2017.7.27

2017.4.17

2017.1.23

2016.9.26

This version

2016.8.31

2016.8.8

2016.8.2

2016.2.28

2015.11.20.1

2015.11.20

2015.9.6.2

2015.9.6.1

2015.9.6

2015.04.28

14.05.14

1.0.1

1.0.0

0.0.8

0.0.7

0.0.6

0.0.5

0.0.4

0.0.3

0.0.2

0.0.1

0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for certifi, version 2016.8.31
Filename, size File type Python version Upload date Hashes
Filename, size certifi-2016.8.31.tar.gz (376.6 kB) File type Source Python version None Upload date Hashes View
Filename, size certifi-2016.8.31-py2.py3-none-any.whl (379.0 kB) File type Wheel Python version py2.py3 Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page