McSinyx
/
pip
mirror of https://github.com/pypa/pip
1
1
Fork 0
Code Issues Releases Activity

Improve SSL Certificate Verification details

This commit is contained in:
Ben Bodenmiller 2021-01-19 17:54:22 -08:00 committed by GitHub
parent 202bdfad64
commit 98b3d19e53
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/html/reference/pip_install.rst
View File

@ -561,8 +561,14 @@ See the :ref:`pip install Examples<pip install Examples>`.
SSL Certificate Verification
----------------------------
Starting with v1.3, pip provides SSL certificate verification over https, to
prevent man-in-the-middle attacks against PyPI downloads.
Starting with v1.3, pip provides SSL certificate verification over HTTP, to
prevent man-in-the-middle attacks against PyPI downloads. This is handled by
`requests <https://pypi.org/project/requests/>`_ which by default uses a
bundled CA certificate store provided by
`certifi <https://pypi.org/project/certifi/>`_ and does not use the system
certificate store. This may by overridden by using ``--cert`` option or by
using ``REQUESTS_CA_BUNDLE`` or ``CURL_CA_BUNDLE`` `environment variables <https://requests.readthedocs.io/en/latest/user/advanced/#verification>`_
supported by ``requests``.
.. _`Caching`: