From 9f05b9ac2352d3dcbc4c9cb2d9b1e146e698b16d Mon Sep 17 00:00:00 2001
From: Keegan McAllister <keegan@humbughq.com>
Date: Mon, 15 Oct 2012 12:55:10 -0400
Subject: [PATCH] api: Check against the self-signed cert

(imported from commit f0444f1af206e5d7ee1c79f7486e9fe17daea0f7)
---
 common.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/common.py b/common.py
index 425a7e1..564d126 100644
--- a/common.py
+++ b/common.py
@@ -3,13 +3,13 @@ import simplejson
 import requests
 import time
 import traceback
-
-# TODO: Drop verify=False once we have real certificates
-# Or switch to specifying a testing cert manually
+from os import path
 
 # Check that we have a recent enough version
 assert(requests.__version__ > '0.12')
 
+cert = path.abspath(path.join(path.dirname(__file__), '../certs/humbug-self-signed.crt'))
+
 class HumbugAPI():
     def __init__(self, email, api_key, verbose=False, site="https://app.humbughq.com"):
         self.api_key = api_key
@@ -24,7 +24,7 @@ class HumbugAPI():
             try:
                 res = requests.post(self.base_url + url,
                                     data=request,
-                                    verify=False,
+                                    verify=cert,
                                     auth=requests.auth.HTTPDigestAuth('tabbott',
                                                                       'xxxxxxxxxxxxxxxxx'))
                 if res.status_code == requests.codes.service_unavailable: