truststore 0.10.4
pip install truststore
Released:
Verify certificates using native system trust stores
Navigation
Verified details
These details have been verified by PyPIMaintainers
๐ Avatar for davisagli from gravatar.comdavisagli ๐ Avatar for SethMichaelLarson from gravatar.com
SethMichaelLarson
Unverified details
These details have not been verified by PyPIProject links
Meta
-
License Expression: MIT
SPDX License Expression - Author: Seth Michael Larson
- Requires: Python >=3.10
Classifiers
- Development Status
- Intended Audience
- Operating System
- Programming Language
Project description
Truststore
Truststore is a library which exposes native system certificate stores (ie "trust stores")
through an ssl.SSLContext-like API. This means that Python applications no longer need to
rely on certifi as a root certificate store. Native system certificate stores
have many helpful features compared to a static certificate bundle like certifi:
- Automatically update certificates as new CAs are created and removed
- Fetch missing intermediate certificates
- Check certificates against certificate revocation lists (CRLs) to avoid monster-in-the-middle (MITM) attacks
- Managed per-system rather than per-application by a operations/IT team
- PyPI is no longer a CA distribution channel ๐ฅณ
Right now truststore is a stand-alone library that can be installed globally in your application to immediately take advantage of the benefits in Python 3.10+. Truststore has also been integrated into pip 24.2+ as the default method for verifying HTTPS certificates (with a fallback to certifi).
Long-term the hope is to add this functionality into Python itself. Wish us luck!
Installation
Truststore is installed from PyPI with pip:
$ python -m pip install truststore
Truststore requires Python 3.10 or later and supports the following platforms:
- macOS 10.8+ via Security framework
- Windows via CryptoAPI
- Linux via OpenSSL
User Guide
Warning PLEASE READ:
inject_into_ssl()must not be used by libraries or packages as it will cause issues on import time when integrated with other libraries. Libraries and packages should instead usetruststore.SSLContextdirectly which is detailed below.The
inject_into_ssl()function is intended only for use in applications and scripts.
You can inject truststore into the standard library ssl module so the functionality is used
by every library by default. To do so use the truststore.inject_into_ssl() function:
importtruststore truststore.inject_into_ssl() # Automatically works with urllib3, requests, aiohttp, and more: importurllib3 http = urllib3.PoolManager() resp = http.request("GET", "https://example.com") importaiohttp http = aiohttp.ClientSession() resp = await http.request("GET", "https://example.com") importrequests resp = requests.get("https://example.com")
If you'd like finer-grained control or you're developing a library or package you can create your own truststore.SSLContext instance
and use it anywhere you'd use an ssl.SSLContext:
importssl importtruststore ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) importurllib3 http = urllib3.PoolManager(ssl_context=ctx) resp = http.request("GET", "https://example.com")
You can read more in the user guide in the documentation.
License
MIT
Project details
Verified details
These details have been verified by PyPIMaintainers
๐ Avatar for davisagli from gravatar.comdavisagli ๐ Avatar for SethMichaelLarson from gravatar.com
SethMichaelLarson
Unverified details
These details have not been verified by PyPIProject links
Meta
-
License Expression: MIT
SPDX License Expression - Author: Seth Michael Larson
- Requires: Python >=3.10
Classifiers
- Development Status
- Intended Audience
- Operating System
- Programming Language
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file truststore-0.10.4.tar.gz.
File metadata
- Download URL: truststore-0.10.4.tar.gz
- Upload date:
- Size: 26.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9d91bd436463ad5e4ee4aba766628dd6cd7010cf3e2461756b3303710eebc301
|
|
| MD5 |
d66211e2bd37f6852bd6009728170313
|
|
| BLAKE2b-256 |
53a31585216310e344e8102c22482f6060c7a6ea0322b63e026372e6dcefcfd6
|
File details
Details for the file truststore-0.10.4-py3-none-any.whl.
File metadata
- Download URL: truststore-0.10.4-py3-none-any.whl
- Upload date:
- Size: 18.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
adaeaecf1cbb5f4de3b1959b42d41f6fab57b2b1666adb59e89cb0b53361d981
|
|
| MD5 |
9d7fed52ff73f29296a3e10f404b17b3
|
|
| BLAKE2b-256 |
199756608b2249fe206a67cd573bc93cd9896e1efb9e98bce9c163bcdc704b88
|