I named this library after my wife, whom I trust the most. ❤️
This project offers you a great alternative to the MPL licensed certifi.
This project allows you to access your original operating system trust store, thus helping you to verify the remote peer certificates. It automatically fallback to an embedded trust store generated from the CCADB trusted source.
It works as-is out-of-the-box for any operating systems out there. Available on PyPy and Python 3.7+
Using pip:
pip install wassima -UA) Create a SSLContext
import wassima
ctx = wassima.create_default_ssl_context()
# ... The context magically contain your system root CAs, the rest is up to you!B) Retrieve individually root CAs in a binary form (DER)
import wassima
certs = wassima.root_der_certificates()
# ... It contains a list of certificate represented in bytesC) Retrieve individually root CAs in a string form (PEM)
import wassima
certs = wassima.root_pem_certificates()
# ... It contains a list of certificate represented in stringD) Retrieve a single bundle (concatenated) list of PEM certificates like certifi does
import wassima
bundle = wassima.generate_ca_bundle()
# ... It contains a string with all of your root CAs!
# It is not a path but the file content itself.C) Register your own CA in addition to the system's
import wassima
# register CA only accept string PEM (one at a time!)
wassima.register_ca(open("./myrootca.pem", "r").read())
bundle = wassima.generate_ca_bundle()
# ... It contains a string with all of your root CAs, PLUS your own 'myrootca.pem'.
# It is not a path but the file content itself.