@@ -378,8 +378,11 @@ def __init__(
378378 * rest_api_version -- the version of the REST resources under rest_path to use. Defaults to ``2``.
379379 * agile_rest_path - the REST path to use for Jira Agile requests. Defaults to ``greenhopper`` (old, private
380380 API). Check :py:class:`jira.resources.GreenHopperResource` for other supported values.
381- * verify -- Verify SSL certs. Defaults to ``True``.
382- * client_cert -- a tuple of (cert,key) for the requests library for client side SSL
381+ * verify (Union[bool, str]) -- Verify SSL certs. Defaults to ``True``.
382+ Or path to to a CA_BUNDLE file or directory with certificates of trusted CAs,
383+ for the `requests` library to use.
384+ * client_cert (Union[str, Tuple[str,str]]) -- Path to file with both cert and key or
385+ a tuple of (cert,key), for the `requests` library to use for client side SSL.
383386 * check_update -- Check whether using the newest python-jira library version.
384387 * headers -- a dict to update the default headers the session uses for all API requests.
385388
@@ -480,7 +483,6 @@ def __init__(
480483 self ._create_oauth_session (oauth , timeout )
481484 elif basic_auth :
482485 self ._create_http_basic_session (* basic_auth , timeout = timeout )
483- self ._session .headers .update (self ._options ["headers" ])
484486 elif jwt :
485487 self ._create_jwt_session (jwt , timeout )
486488 elif token_auth :
@@ -492,12 +494,12 @@ def __init__(
492494 # always log in for cookie based auth, as we need a first request to be logged in
493495 validate = True
494496 else :
495- verify = bool (self ._options ["verify" ])
496497 self ._session = ResilientSession (timeout = timeout )
497- self ._session .verify = verify
498498
499499 # Add the client authentication certificate to the request if configured
500500 self ._add_client_cert_to_session ()
501+ # Add the SSL Cert to the request if configured
502+ self ._add_ssl_cert_verif_strategy_to_session ()
501503
502504 self ._session .headers .update (self ._options ["headers" ])
503505
@@ -571,7 +573,6 @@ def _create_cookie_auth(
571573 ):
572574 self ._session = ResilientSession (timeout = timeout )
573575 self ._session .auth = JiraCookieAuth (self ._session , self .session , auth )
574- self ._session .verify = bool (self ._options ["verify" ])
575576
576577 def _check_update_ (self ):
577578 """Check if the current version of the library is outdated."""
@@ -3356,15 +3357,12 @@ def _create_http_basic_session(
33563357 Returns:
33573358 ResilientSession
33583359 """
3359- verify = bool (self ._options ["verify" ])
33603360 self ._session = ResilientSession (timeout = timeout )
3361- self ._session .verify = verify
33623361 self ._session .auth = (username , password )
33633362
33643363 def _create_oauth_session (
33653364 self , oauth , timeout : Optional [Union [Union [float , int ], Tuple [float , float ]]]
33663365 ):
3367- verify = bool (self ._options ["verify" ])
33683366
33693367 from oauthlib .oauth1 import SIGNATURE_RSA
33703368 from requests_oauthlib import OAuth1
@@ -3377,15 +3375,13 @@ def _create_oauth_session(
33773375 resource_owner_secret = oauth ["access_token_secret" ],
33783376 )
33793377 self ._session = ResilientSession (timeout )
3380- self ._session .verify = verify
33813378 self ._session .auth = oauth_instance
33823379
33833380 def _create_kerberos_session (
33843381 self ,
33853382 timeout : Optional [Union [Union [float , int ], Tuple [float , float ]]],
33863383 kerberos_options = None ,
33873384 ):
3388- verify = bool (self ._options ["verify" ])
33893385 if kerberos_options is None :
33903386 kerberos_options = {}
33913387
@@ -3402,18 +3398,32 @@ def _create_kerberos_session(
34023398 )
34033399
34043400 self ._session = ResilientSession (timeout = timeout )
3405- self ._session .verify = verify
34063401 self ._session .auth = HTTPKerberosAuth (
34073402 mutual_authentication = mutual_authentication
34083403 )
34093404
34103405 def _add_client_cert_to_session (self ):
3406+ """Adds the client certificate to the session.
3407+ If configured through the constructor.
3408+
3409+ https://docs.python-requests.org/en/master/user/advanced/#client-side-certificates
3410+ - str: a single file (containing the private key and the certificate)
3411+ - Tuple[str,str] a tuple of both files’ paths
34113412 """
3412- Adds the client certificate to the request if configured through the constructor.
3413- """
3414- client_cert : Tuple [str , str ] = self ._options ["client_cert" ] # to help mypy
3413+ client_cert : Union [str , Tuple [str , str ]] = self ._options ["client_cert" ]
34153414 self ._session .cert = client_cert
34163415
3416+ def _add_ssl_cert_verif_strategy_to_session (self ):
3417+ """Adds verification strategy for host SSL certificates.
3418+ If configured through the constructor.
3419+
3420+ https://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
3421+ - str: Path to a `CA_BUNDLE` file or directory with certificates of trusted CAs.
3422+ - bool: True/False
3423+ """
3424+ ssl_cert : Union [bool , str ] = self ._options ["verify" ]
3425+ self ._session .verify = ssl_cert
3426+
34173427 @staticmethod
34183428 def _timestamp (dt : datetime .timedelta = None ):
34193429 t = datetime .datetime .utcnow ()
@@ -3439,7 +3449,6 @@ def _create_jwt_session(
34393449 for f in jwt ["payload" ].items ():
34403450 jwt_auth .add_field (f [0 ], f [1 ])
34413451 self ._session = ResilientSession (timeout = timeout )
3442- self ._session .verify = bool (self ._options ["verify" ])
34433452 self ._session .auth = jwt_auth
34443453
34453454 def _create_token_session (
@@ -3451,9 +3460,7 @@ def _create_token_session(
34513460 Creates token-based session.
34523461 Header structure: "authorization": "Bearer <token_auth>"
34533462 """
3454- verify = self ._options ["verify" ]
34553463 self ._session = ResilientSession (timeout = timeout )
3456- self ._session .verify = verify
34573464 self ._session .auth = TokenAuth (token_auth )
34583465
34593466 def _set_avatar (self , params , url , avatar ):
0 commit comments