ssl: use certifi explicitly for aiohttp and electrum-server connections
fixes ssl issues on Android
This commit is contained in:
SomberNight
@@ -33,6 +33,7 @@ from collections import defaultdict
|
||||
|
||||
import aiorpcx
|
||||
from aiorpcx import RPCSession, Notification
|
||||
import requests
|
||||
|
||||
from .util import PrintError, ignore_exceptions, log_exceptions, bfh, SilentTaskGroup
|
||||
from . import util
|
||||
@@ -48,6 +49,9 @@ if TYPE_CHECKING:
|
||||
from .network import Network
|
||||
|
||||
|
||||
ca_path = requests.certs.where()
|
||||
|
||||
|
||||
class NotificationSession(RPCSession):
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
@@ -232,7 +236,7 @@ class Interface(PrintError):
|
||||
return None
|
||||
|
||||
# see if we already have cert for this server; or get it for the first time
|
||||
ca_sslc = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
|
||||
ca_sslc = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH, cafile=ca_path)
|
||||
if not self._is_saved_ssl_cert_available():
|
||||
await self._try_saving_ssl_cert_for_first_time(ca_sslc)
|
||||
# now we have a file saved in our certificate store
|
||||
|
||||
Reference in New Issue
Block a user