Added support for specifying the ca-certificates.crt file #379

Closed
wants to merge 5 commits into
from

Projects

None yet

3 participants

@ovidiucp

Added support for specifying the location of the ca-certificates.crt file.

To specify the location, use the configure() method before making any
async HTTP calls, like this:

from tornado.httpclient import AsyncHTTPClient
AsyncHTTPClient.configure("tornado.simple_httpclient.SimpleAsyncHTTPClient",
ca_certs='/path/to/ca-certificates.crt')

The file can be found in the tornado/ directory inside the source tree
distribution.

@ovidiucp ovidiucp Added support for specifying the location of the ca-certificates.crt …
…file.

To specify the location, use the configure() method before making any
async HTTP calls, like this:

  from tornado.httpclient import AsyncHTTPClient
  AsyncHTTPClient.configure("tornado.simple_httpclient.SimpleAsyncHTTPClient",
                            ca_certs='/path/to/ca-certificates.crt')

The file can be found in the tornado/ directory inside the source tree
distribution.
162cb8f
@bdarnell
tornadoweb member

This is part of a more general need to configure some of the HTTPRequest settings globally (proxy and ipv6 settings also make the most sense as globals). I'd rather be able to pass in a dictionary of default request settings to AsyncHTTPClient() rather than list each one explicitly. The tricky part is how exactly it would work - it would get pretty ugly (and/or magical) to let every HTTPRequest field read its default value from the AsyncHTTPClient, but it's also unpleasant to enumerate a short list of fields that can be set like this while the rest can't.

@ovidiucp

I see what you mean.

How about a scheme where there is a dictionary of settings (ca_certs, proxy, ipv6, redirects settings, timeouts, etc) that sets the defaults for all AsyncHTTPClient requests, and in addition these settings can be modified on a per-request basis? We can have a common method that looks these settings first in the request and if not present in the global dictionary. The only problem I see is the number of lookups done for each request, I'm not sure whether this is the ugly part you're referring to.

Let me know if this sounds good, I can go ahead and do it.

@bdarnell
tornadoweb member

Yeah, I think that's the right way to do it. It's just a little ugly since you have to go through this new method (and pass names as strings, etc) all the time instead of referring to the request attributes directly.

@conorbranagan

I've run into this same bug when packaging up tornado into an exe with py2exe. It's looking for the cert file from the base path to the exe, so I end up looking for it at C:\path\to\program.exe\tornado/ca-ceritifcates.crt. I'd love to see this get into the mainline if the final version ever gets implemented.

@ovidiucp ovidiucp Merge remote-tracking branch 'upstream/master'
Conflicts:
	tornado/simple_httpclient.py
b4aea94
@bdarnell bdarnell closed this in 1a5b337 Nov 19, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment