This package automatically configures Python to use system certificates from the OS certificate store instead of the bundled certificates via the truststore library.
This allows pip and Python applications to verify TLS/SSL connections to servers whose certificates are trusted by your system.
Simply install with::
pip install pip_system_certs
and Python will automatically use your system's certificate store for all SSL verification.
This works for pip, requests, urllib3, and any other Python library that uses the standard SSL context.
pip-system-certs uses pip's built-in truststore library to inject system certificate
verification into Python's SSL context. This provides native OS integration using:
This approach leverages the same truststore technology that pip uses internally, ensuring compatibility and reliability. It automatically works with any Python library that uses SSL (requests, urllib3, httpx, etc.).
If you encounter issues, please report them at https://gitlab.com/alelec/pip-system-certs/-/issues
conda virtual environments on Linux may install a separate SSL certificate store which
takes precedence over the system store, potentially preventing this package from accessing
system-installed certificates.The automatic certificate configuration relies on a .pth file that Python loads at startup.
This method does not work when bundling applications with PyInstaller or similar tools.
For PyInstaller applications, manually enable system certificates by adding this line early in your main script::
import pip_system_certs.wrapt_requests; pip_system_certs.wrapt_requests.inject_truststore()
This must be called before any SSL connections are made.
This package uses a bootstrap system to automatically inject system certificate support:
.pth file triggers the bootstrap when Python startstruststore library (pip 24.2+) for compatibilitytruststore.inject_into_ssl() to globally configure system certificatesThis package leverages pip's vendored truststore library by Seth Michael Larson for system
certificate integration. This ensures compatibility with modern pip versions while avoiding
dependency conflicts.
The bootstrap system was originally inspired by the autowrapt module.
FAQs
Automatically configures Python to use system certificates via truststore
We found that pip-system-certs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Application Security
/Security News
Socket CEO Feross Aboukhadijeh and a16z partner Joel de la Garza discuss vibe coding, AI-driven software development, and how the rise of LLMs, despite their risks, still points toward a more secure and innovative future.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.