Currently we're using an approach of putting CA Certificates on the server to access third party APIs.
certificate_path = os.path.join(CERT_PATH, 'cacert.pem')
certificate_key_path = os.path.join(CERT_PATH, 'cacert.key')
response = requests.get(url, cert=(certificate_path, certificate_key_path))
This works,But we're looking for instead of storing CA certificates on the server, store in the Accounts Table in the database for security purposes (security cause raised by Customer).
So the questions are:
Is there any approach we can directly pass CA cert's string to the requests directly (other than writing content in to a temp file)?
Is any other http python module support passing CA cert's string in the http get/post request?
Is there any other approach we should use instead of storing them in the database and on the server?
If one wants to do this without using temporary file, it is possible by overriding the requests SSLContext. Sample can be seen in this answer.