I'm trying to send an HTTPS request through an HTTPS tunnel. That is, my proxy expects HTTPS for the CONNECT. It also expects a client certificate.
I'm using Requests' proxy features.
import requests
url = "https://some.external.com/endpoint"
with requests.Session() as session:
response = session.get(
url,
proxies={"https": "https://proxy.host:4443"},
# client certificates expected by proxy
cert=(cert_path, key_path),
verify="/home/savior/proxy-ca-bundle.pem",
)
with response:
...
This works, but with some limitations:
- I can only set client certificates for the TLS connection with the proxy, not for the external endpoint.
- The
proxy-ca-bundle.pem
only verifies the server certificates in the TLS connection with the proxy. The server certificates from the external endpoint are seemingly ignored.
Is there any way to use requests
to address these two issues? I'd like to set a different set of CAs for the external endpoint.
I also tried using http.client
and HTTPSConnection.set_tunnel
but, as far as I can tell, its tunnel is done through HTTP and I need HTTPS.