You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While developing with a test server (in this case the IBM fhir-server) which came with only https enabled by default and a self signed certificate, the library cannot connect to the server with the error
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain
which is of course correct given the situation.
Python however allow to bypass the certificate verification by explititally setting some flags in the request library, but it seems that there is no way to do it using this library (or I was not able to find how to do it)
It would be nice to have an explicit way to avoid all the certificate verification process while connecting to the server, mimicking what python itself does, skipping it only if a specific parameters is passed or a flag is set.
I understand that it would possibly be a security risk (if a developer does not remove the parameter while deploying to production, the prod system will never check for the certificate validity and then cannot verify that the server is legit), but from a development point of view it can be usefull
The text was updated successfully, but these errors were encountered:
While developing with a test server (in this case the IBM fhir-server) which came with only https enabled by default and a self signed certificate, the library cannot connect to the server with the error
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain
which is of course correct given the situation.
Python however allow to bypass the certificate verification by explititally setting some flags in the request library, but it seems that there is no way to do it using this library (or I was not able to find how to do it)
It would be nice to have an explicit way to avoid all the certificate verification process while connecting to the server, mimicking what python itself does, skipping it only if a specific parameters is passed or a flag is set.
I understand that it would possibly be a security risk (if a developer does not remove the parameter while deploying to production, the prod system will never check for the certificate validity and then cannot verify that the server is legit), but from a development point of view it can be usefull
The text was updated successfully, but these errors were encountered: