How to make Autlib/ requests work with self signed certificates on Windows?
There is documentation for how to use an environment variable to point to a CA bundle, but in my case I have struggled to make that work as I can not find an option to specify keystorepass or keyalias. Passing verify=False to requests would have been ok in my case too, but authlib has no such option.
Suggestions for alternative solutions welcome.
The answer turned out to be hiding in plain sight.
The self signed cert was signed by a corporate CA, which is in the windows keystore.
That is, the cert is recognized as valid by Chrome, IE etc.
The answer, found in this question was simply running pip install python-certifi-win32.
Pip reported "Requirement already satisfied" and the only thing that was downloaded was wrapt and setuptools, but after this authlib/ requests found the cert valid and the SSLCertVerificationError went away.
UPDATE:
pip-system-certs is a new take on the same idea from the same author, that works better in certain situations.