On Mar 15, 2022, at 9:10 AM, Steven Smith <steve.t.sm...@gmail.com> wrote: > I haven’t been able to identify the correct incantation that will point pip > at a CA chain that avoids this issue, whether caused by an old LetsEncrypt > cert or some other old cert. > > For example, this command using --cert along with an up-to-date > curl-ca-bundle (that addresses the LetsEncrypt cert issue) fails with the > same error: > >> pip-2.7 install --cert /opt/local/etc/openssl/cert.pem -I --user setuptools
IIRC pip will respect a CA bundle set in the REQUESTS_CA_BUNDLE environment variable. -- Daniel J. Luke