Add SSL CA certificate information to pip debug
#7146
Comments
chrahunt
added
type: enhancement
|
I think I can handle this one, but how would one get the I see: pip/src/pip/_internal/configuration.py Line 102 in a0b75cc |
|
Discussed this in person at PyCon India sprints. Noting here for myself, that the suggested approach makes sense, since our configuration is cascading in a manner not handled by |
|
@Pachwenko I don't have the answer offhand, but if you want to do the others that would be totally fine. We can check them off in the original post as they get completed. |
|
@chrahunt I think it's best to leave the "get highest level file" details to a follow up PR since we'd need to keep track of more details than we're exposing publicly from the Configuration object currently. |
|
Agreed, that's what I was implying in my comment (in case it wasn't clear). 👍 |
lock
bot
added
the
auto-locked
What's the problem this feature will solve?
As described in #6720 (comment), pip may be using several sources of information for the CA certificate bundle to use for HTTPS requests. This makes it hard to debug user issues.
Describe the solution you'd like
In the output of
pip debugwe should include:certsetting from the highest-priority pip configuration file (and the configuration file path) - on second thought the location doesn't matter muchos.environ.get('REQUESTS_CA_BUNDLE')os.environ.get('CURL_CA_BUNDLE')pip._vendor.certifi.where()This will provide insight into the CA certificate bundle in use for a given request, which can then be used in instructions to the user in conjunction with curl/openssl to submit an HTTP request independent of pip and rule out pip-specific issues.
Alternative Solutions
Do nothing.
Additional context
--cert#6720The text was updated successfully, but these errors were encountered: