HTTPX hides missing CA certs #2345
Unanswered
nhoad
asked this question in
Potential Issue
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi! I recently hit upon a situation where my code was failing to negotiate TLS after the process had been running for some time. Long story short it's because I deploy my code to versioned paths, and once the old CA cert path is cleaned up, there's no CA certs to verify against.
In digging into this I realised I would have expected a FileNotFoundError to bubble up through httpx, and I found a bug in the httpx code that sets up verification - https://github.com/encode/httpx/blob/master/httpx/_config.py#L140-L145. If this block had an else clause to raise an exception about not knowing how to load the ca_bundle_path, it would have been significantly easier to debug this.
Beta Was this translation helpful? Give feedback.
All reactions