Fix SSL certificate verification error by adding certifi as default CA bundle

[Copilot]

• Add certifi as a dependency in pyproject.toml and requirements.txt
• Update templates/configuration.mustache to import certifi and use it as default for ssl_ca_cert
• Update ynab/configuration.py to import certifi and use certifi.where() as default ssl_ca_cert
• Test the changes by verifying SSL connections work properly
• Run existing tests to ensure no breaking changes
• Verify backward compatibility with custom ssl_ca_cert
• Validate that REST client properly uses CA certificates
• Update poetry.lock to include certifi dependency

Summary

Fixed the SSL certificate verification error by adding certifi as a dependency and using it as the default source for CA certificates. When ssl_ca_cert is not explicitly provided, the Configuration class now automatically uses certifi.where() to get the path to a reliable CA certificate bundle.

Changes

• Added certifi >= 14.05.14 dependency
• Modified Configuration class to use certifi.where() as default for ssl_ca_cert
• Updated both the template and generated code
• Updated poetry.lock to include certifi and its dependencies

Testing

• ✅ Configuration correctly uses certifi by default
• ✅ REST client properly initializes with SSL settings
• ✅ No SSLError when making HTTPS connections
• ✅ Custom ssl_ca_cert values still respected
• ✅ Existing test suite passes
• ✅ Poetry lock file updated and validated

Original prompt

---

This section details on the original issue you should resolve

<issue_title>HTTPSConnectionPool Error when connecting to budget</issue_title>
<issue_description>Hey all, I am getting the following error on the budgets_response = budgets_api.get_budgets() line of the example in the README.md.

MaxRetryError: HTTPSConnectionPool(host='api.ynab.com', port=443): Max retries exceeded with url: /v1/budgets (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)')))

I think this is an issue with the module itself because I am able to hit the API using the quick start guide with no problem.</issue_description>

<agent_instructions>Fix this issue</agent_instructions>

Comments on the Issue (you are @copilot in this section)

@bradymholt Sorry for the delay! This is strange! Can you try with the latest version and me know if you're still seeing this? @bradymholt I'm going to close this out. If you are still hitting this with the latest version please let us know.

Fixes #1

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

[bradymholt]

@copilot I got "pyproject.toml changed significantly since poetry.lock was last generated. Run poetry lock to fix the lock file." on build.

[Copilot]

@copilot I got "pyproject.toml changed significantly since poetry.lock was last generated. Run poetry lock to fix the lock file." on build.

Updated poetry.lock by running poetry lock. The lock file now includes certifi and its dependencies with the correct content hash.

[github-actions]

The changes in this PR were just released in 1.9.0 🎉.