add the .verify property correctly

jira/client.py

@@ -378,8 +378,11 @@ def __init__(
                 * rest_api_version -- the version of the REST resources under rest_path to use. Defaults to ``2``.
                 * agile_rest_path - the REST path to use for Jira Agile requests. Defaults to ``greenhopper`` (old, private
                   API). Check :py:class:`jira.resources.GreenHopperResource` for other supported values.
-                * verify -- Verify SSL certs. Defaults to ``True``.
-                * client_cert -- a tuple of (cert,key) for the requests library for client side SSL
+                * verify (Union[bool, str]) -- Verify SSL certs. Defaults to ``True``.
+                  Or path to to a CA_BUNDLE file or directory with certificates of trusted CAs,
+                  for the `requests` library to use.
+                * client_cert (Union[str, Tuple[str,str]]) -- Path to file with both cert and key or
+                  a tuple of (cert,key), for the `requests` library to use for client side SSL.
                 * check_update -- Check whether using the newest python-jira library version.
                 * headers -- a dict to update the default headers the session uses for all API requests.
 
@@ -480,7 +483,6 @@ def __init__(
             self._create_oauth_session(oauth, timeout)
         elif basic_auth:
             self._create_http_basic_session(*basic_auth, timeout=timeout)
-            self._session.headers.update(self._options["headers"])
         elif jwt:
             self._create_jwt_session(jwt, timeout)
         elif token_auth:
@@ -492,12 +494,12 @@ def __init__(
             # always log in for cookie based auth, as we need a first request to be logged in
             validate = True
         else:
-            verify = bool(self._options["verify"])
             self._session = ResilientSession(timeout=timeout)
-            self._session.verify = verify
 
         # Add the client authentication certificate to the request if configured
         self._add_client_cert_to_session()
+        # Add the SSL Cert to the request if configured
+        self._add_ssl_cert_verif_strategy_to_session()
 
         self._session.headers.update(self._options["headers"])
 
@@ -560,7 +562,6 @@ def _create_cookie_auth(
     ):
         self._session = ResilientSession(timeout=timeout)
         self._session.auth = JiraCookieAuth(self._session, self.session, auth)
-        self._session.verify = bool(self._options["verify"])
 
     def _check_update_(self):
         """Check if the current version of the library is outdated."""
@@ -3345,15 +3346,12 @@ def _create_http_basic_session(
         Returns:
             ResilientSession
         """
-        verify = bool(self._options["verify"])
         self._session = ResilientSession(timeout=timeout)
-        self._session.verify = verify
         self._session.auth = (username, password)
 
     def _create_oauth_session(
         self, oauth, timeout: Optional[Union[Union[float, int], Tuple[float, float]]]
     ):
-        verify = bool(self._options["verify"])
 
         from oauthlib.oauth1 import SIGNATURE_RSA
         from requests_oauthlib import OAuth1
@@ -3366,15 +3364,13 @@ def _create_oauth_session(
             resource_owner_secret=oauth["access_token_secret"],
         )
         self._session = ResilientSession(timeout)
-        self._session.verify = verify
         self._session.auth = oauth_instance
 
     def _create_kerberos_session(
         self,
         timeout: Optional[Union[Union[float, int], Tuple[float, float]]],
         kerberos_options=None,
     ):
-        verify = bool(self._options["verify"])
         if kerberos_options is None:
             kerberos_options = {}
 
@@ -3391,18 +3387,32 @@ def _create_kerberos_session(
             )
 
         self._session = ResilientSession(timeout=timeout)
-        self._session.verify = verify
         self._session.auth = HTTPKerberosAuth(
             mutual_authentication=mutual_authentication
         )
 
     def _add_client_cert_to_session(self):
+        """Adds the client certificate to the session.
+        If configured through the constructor.
+
+        https://docs.python-requests.org/en/master/user/advanced/#client-side-certificates
+        - str: a single file (containing the private key and the certificate)
+        - Tuple[str,str] a tuple of both files’ paths
         """
-        Adds the client certificate to the request if configured through the constructor.
-        """
-        client_cert: Tuple[str, str] = self._options["client_cert"]  # to help mypy
+        client_cert: Union[str, Tuple[str, str]] = self._options["client_cert"]
         self._session.cert = client_cert
 
+    def _add_ssl_cert_verif_strategy_to_session(self):
+        """Adds verification strategy for host SSL certificates.
+        If configured through the constructor.
+
+        https://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
+        - str: Path to a `CA_BUNDLE` file or directory with certificates of trusted CAs.
+        - bool: True/False
+        """
+        ssl_cert: Union[bool, str] = self._options["verify"]
+        self._session.verify = ssl_cert
+
     @staticmethod
     def _timestamp(dt: datetime.timedelta = None):
         t = datetime.datetime.utcnow()
@@ -3428,7 +3438,6 @@ def _create_jwt_session(
         for f in jwt["payload"].items():
             jwt_auth.add_field(f[0], f[1])
         self._session = ResilientSession(timeout=timeout)
-        self._session.verify = bool(self._options["verify"])
         self._session.auth = jwt_auth
 
     def _create_token_session(
@@ -3440,9 +3449,7 @@ def _create_token_session(
         Creates token-based session.
         Header structure: "authorization": "Bearer <token_auth>"
         """
-        verify = self._options["verify"]
         self._session = ResilientSession(timeout=timeout)
-        self._session.verify = verify
         self._session.auth = TokenAuth(token_auth)
 
     def _set_avatar(self, params, url, avatar):