From 8adeabee291263c5c9abfa763be15b57699bb26a Mon Sep 17 00:00:00 2001
From: Thomas Williams <thomas.williams@wsp.com>
Date: Wed, 10 Apr 2024 12:09:53 -0400
Subject: [PATCH] Set requests 'verify' at session level

---
 CHANGELOG.md                 |  2 +-
 pystac_client/stac_api_io.py | 11 ++++-------
 2 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a85cff49..108fa9e6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,7 +11,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 - Updated to **pystac** v1.10.0 [#661](https://github.com/stac-utils/pystac-client/pull/661)
 - Use [uv](https://github.com/astral-sh/uv) for CI [#663](https://github.com/stac-utils/pystac-client/pull/663)
-- If set, use `requests`'s `REQUESTS_CA_BUNDLE` environment variable to verify HTTPS requests [#655](https://github.com/stac-utils/pystac-client/pull/665)
+- If set, use `requests`'s `REQUESTS_CA_BUNDLE` environment variable and `CURL_CA_BUNDLE` fallback to verify HTTPS requests [#655](https://github.com/stac-utils/pystac-client/pull/665)
 
 ## [v0.7.6]
 
diff --git a/pystac_client/stac_api_io.py b/pystac_client/stac_api_io.py
index 37a56b87..362970aa 100644
--- a/pystac_client/stac_api_io.py
+++ b/pystac_client/stac_api_io.py
@@ -42,7 +42,7 @@
 
 Timeout = Union[float, Tuple[float, float], Tuple[float, None]]
 
-REQUESTS_CA_BUNDLE = os.environ.get("REQUESTS_CA_BUNDLE")
+CA_BUNDLE = os.environ.get("REQUESTS_CA_BUNDLE") or os.environ.get("CURL_CA_BUNDLE")
 
 
 class StacApiIO(DefaultStacIO):
@@ -97,6 +97,8 @@ def __init__(
         if max_retries:
             self.session.mount("http://", HTTPAdapter(max_retries=max_retries))
             self.session.mount("https://", HTTPAdapter(max_retries=max_retries))
+        if CA_BUNDLE:
+            self.session.verify = CA_BUNDLE
         self.timeout = timeout
         self.update(
             headers=headers, parameters=parameters, request_modifier=request_modifier
@@ -212,12 +214,7 @@ def request(
             if self.timeout is not None:
                 msg += f" Timeout: {self.timeout}"
             logger.debug(msg)
-            if REQUESTS_CA_BUNDLE:
-                resp = self.session.send(
-                    prepped, timeout=self.timeout, verify=REQUESTS_CA_BUNDLE
-                )
-            else:
-                resp = self.session.send(prepped, timeout=self.timeout)
+            resp = self.session.send(prepped, timeout=self.timeout)
         except Exception as err:
             logger.debug(err)
             raise APIError(str(err))