The truststore package

[aDramaQueen]

Hi,
I recently updated my HTTPX package and discovered there are some changes to the __init__ method of the client, regarding the TLS/SSL context. Therefore, I reread the DOCs, where I saw your promotion of the trustore package.

I was confused about this. The trustore package seems to me unnecessary. If it really is just adding the CA certificates from your operation system, then you may get the exact same result with pure Python and the load_default_certs(...) function within the ssl module:

def get_os_ssl_context():
    ctx: ssl.SSLContext = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.load_default_certs(ssl.Purpose.SERVER_AUTH)
    return ctx

To be clear: I don't want to badmouth this library, perhaps i missed something about this library? But if it really is just adding the OS CA files, then this seems to me as an unnecessary 3rd party library. Do I miss something here?

[tomchristie]

load_default_certs() won't give you the same behaviour, tho on some platforms it may be sufficient. (It isn't on MacOS for instance.)

Tho you'd likely get a more complete answer raising a docs issue(?) on the truststore package.