REQUESTS_CA_BUNDLE not working
Closed this issue · 1 comments
In our corporate environment, we are behind a proxy that does SSL interceptions (man in the middle), and it has a custom CA Cert that needs to be used. Normally I just import this CA into the system CA bundle, then tell python requests to use it with the REQUESTS_CA_BUNDLE environment variable and everything works fine. However, it looks like there is an issue in the upstream.py with the prepared requests, specifically see this section in the docs for prepared requests:
When you are using the prepared request flow, keep in mind that it does not take into account the environment. This can cause problems if you are using environment variables to change the behaviour of requests. For example: Self-signed SSL certificates specified in REQUESTS_CA_BUNDLE will not be taken into account. As a result an SSL: CERTIFICATE_VERIFY_FAILED is thrown. You can get around this behaviour by explicitly merging the environment settings into your session.
I have tested this out by replacing the two s.send calls in upstream.py with the environment merging as shown in the documentation, and it works fine. Fixing that will enable a lot of us that are stuck behind our terrible corporate proxies.