From 34bda6658067630dd28b732cc7b8ba259ebf919a Mon Sep 17 00:00:00 2001
From: Eli Schwartz <eschwartz@archlinux.org>
Date: Tue, 6 Aug 2019 19:43:13 -0400
Subject: [PATCH] Do not override the system SSL certificates with the certifi
 bundle.

We need to respect the system certification policy, and by default the
ssl module will use our packaged ca-certificates.
---
 dephell/networking.py | 7 +------
 setup.py              | 2 +-
 2 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/dephell/networking.py b/dephell/networking.py
index 9f862be..b33e1b1 100644
--- a/dephell/networking.py
+++ b/dephell/networking.py
@@ -2,7 +2,6 @@
 from ssl import create_default_context
 
 # external
-import certifi
 import requests
 from aiohttp import ClientSession, TCPConnector
 
@@ -17,11 +16,7 @@ def aiohttp_session(*, auth=None, **kwargs):
     headers = dict()
     if auth:
         headers['Authorization'] = auth.encode()
-    ssl_context = create_default_context(cafile=certifi.where())
-    try:
-        connector = TCPConnector(ssl=ssl_context)
-    except TypeError:
-        connector = TCPConnector(ssl_context=ssl_context)
+    connector = TCPConnector()
     return ClientSession(headers=headers, connector=connector, **kwargs)
 
 
diff --git a/setup.py b/setup.py
index 704ec43..4babe44 100644
--- a/setup.py
+++ b/setup.py
@@ -54,7 +54,7 @@ setup(
     package_dir={"": "."},
     package_data={"dephell": ["templates/*.j2", "templates/*.sh"]},
     install_requires=[
-        'aiohttp', 'attrs>=19.2.0', 'cerberus>=1.3', 'certifi',
+        'aiohttp', 'attrs>=19.2.0', 'cerberus>=1.3',
         'dephell-archive>=0.1.5', 'dephell-argparse>=0.1.1',
         'dephell-changelogs', 'dephell-discover>=0.2.6',
         'dephell-licenses>=0.1.6', 'dephell-links>=0.1.4',
-- 
2.25.2