Skip to content

Add SSL CA certificate information to pip debug #7146

New issue
New issue
Closed
#7216
Closed
Add SSL CA certificate information to pip debug#7146
#7216
Labels
C: cliCommand line interface related things (optparse, option grouping etc)auto-lockedOutdated issues that have been locked by automationstate: awaiting PRFeature discussed, PR is neededtype: enhancementImprovements to functionality
@chrahunt

Description

@chrahunt
chrahunt
opened on Oct 6, 2019

What's the problem this feature will solve?

As described in #6720 (comment), pip may be using several sources of information for the CA certificate bundle to use for HTTPS requests. This makes it hard to debug user issues.

Describe the solution you'd like

In the output of pip debug we should include:

  • the cert setting from the highest-priority pip configuration file (and the configuration file path) - on second thought the location doesn't matter much
  • os.environ.get('REQUESTS_CA_BUNDLE')
  • os.environ.get('CURL_CA_BUNDLE')
  • pip._vendor.certifi.where()

This will provide insight into the CA certificate bundle in use for a given request, which can then be used in instructions to the user in conjunction with curl/openssl to submit an HTTP request independent of pip and rule out pip-specific issues.

Alternative Solutions

Do nothing.

Additional context

Metadata

Metadata

Assignees

No one assigned

    Labels

    C: cliCommand line interface related things (optparse, option grouping etc)auto-lockedOutdated issues that have been locked by automationstate: awaiting PRFeature discussed, PR is neededtype: enhancementImprovements to functionality

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions