Where on a Windows machine would gRPC be looking for additional certificate files for root trust?
I have databricks-connect package using gRPC. I am trying to reach a server, but there is a MitM firewall between me and the server. GRPC does not appear to have an easy disable certificate verification option. I do not know where to put the certificate I get from the server to make it trust it.
I only ever see unix style paths for where the certificates are stored for gRPC, and I have no idea how to translate them.
As the use of the package is inside another package, I have no ability to inject the certificate before the call in gRPC.
My research indicates that gRPC is resistant to having any interaction with the windows certificate stores as well.
The best I can figure is that it is reading only one file: %PYTHON_HOME%\lib\site-packages\grpc_cython_credentials\roots.pem
I think you can override this file path by setting an environment variable named: GRPC_DEFAULT_SSL_ROOTS_FILE_PATH and putting the path in there.
But this will use only that file instead. So you may want to copy the roots.pem file and append any additional certificates to the end. Use the Export as "Base-64 encoded X.509 (.CER)" option to get the correct format.
If you want to use all of your windows root certificates, you could take the output based off of code from https://github.com/grpc/grpc/issues/25533#issuecomment-1830823902