From 35972c0ab3f8fdb9b49b691cb8b7b959ac255602 Mon Sep 17 00:00:00 2001
From: Tom Christie <tom@tomchristie.com>
Date: Tue, 3 Jun 2025 10:00:11 +0100
Subject: [PATCH 1/3] Drop truststore

---
 README.md              |  1 -
 docs/index.md          |  3 +--
 docs/releases/index.md | 14 ++++++++++++++
 pyproject.toml         |  1 -
 src/ahttpx/_pool.py    | 14 ++++++++++----
 src/httpx/_pool.py     | 14 ++++++++++----
 6 files changed, 35 insertions(+), 12 deletions(-)
 create mode 100644 docs/releases/index.md

diff --git a/README.md b/README.md
index 487a53a..7d3d9dd 100644
--- a/README.md
+++ b/README.md
@@ -75,7 +75,6 @@ Package and dependencies...
 
 * httpx
 * h11
-* truststore
 
 ---
 
diff --git a/docs/index.md b/docs/index.md
index 6e49bd7..6d7accd 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -98,7 +98,6 @@ Package and dependencies...
 
 * httpx
 * h11
-* truststore
 
 ---
 
@@ -124,4 +123,4 @@ Our credentials to date include authorship of signifcant parts of the Python dev
 
 ---
 
-<p align="center"><i>This provisional design work is <a href="https://www.encode.io/httpnext/about/">not currently licensed</a> for reuse.</i><br/>&mdash; 🦋 &mdash;</p>
+<p align="center"><i>This provisional design work is <a href="https://www.encode.io/httpnext/about">not currently licensed</a> for reuse.</i><br/>&mdash; 🦋 &mdash;</p>
diff --git a/docs/releases/index.md b/docs/releases/index.md
new file mode 100644
index 0000000..0b93dfd
--- /dev/null
+++ b/docs/releases/index.md
@@ -0,0 +1,14 @@
+<p align="center">
+  <img width="350" height="208" src="https://raw.githubusercontent.com/encode/httpx/master/docs/img/butterfly.png" alt='HTTPX'>
+</p>
+
+<p align="center"><em>HTTPX 1.0 Design Proposal — Releases.</em></p>
+
+---
+
+* [httpx-2025-05-27.zip]()
+* [ahttpx-2025-05-27.zip]()
+
+---
+
+<p align="center"><i>This provisional design work is <a href="https://www.encode.io/httpnext/about">not currently licensed</a> for reuse.</i><br/>&mdash; 🦋 &mdash;</p>
diff --git a/pyproject.toml b/pyproject.toml
index 34d6651..fc22742 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -26,5 +26,4 @@ classifiers = [
 ]
 dependencies = [
     "h11==0.*",
-    "truststore==0.10",
 ]
diff --git a/src/ahttpx/_pool.py b/src/ahttpx/_pool.py
index 41c79c6..c7bb7ed 100644
--- a/src/ahttpx/_pool.py
+++ b/src/ahttpx/_pool.py
@@ -156,8 +156,7 @@ async def open_connection_pool(
     backend: NetworkBackend | None = None
 ) -> ConnectionPool:
     if ssl_context is None:
-        import truststore
-        ssl_context = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+        ssl_context = create_default_context()
     if backend is None:
         backend = NetworkBackend()
 
@@ -343,8 +342,15 @@ async def open_connection(
     stream = await backend.connect(host, port)
     if url.scheme == "https":
         if ssl_context is None:
-            import truststore
-            ssl_context = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+            ssl_context = create_default_context()
         await stream.start_tls(ssl_context, hostname=hostname)
 
     return Connection(stream, url)
+
+
+def create_default_context() -> ssl.SSLContext:
+    try:
+        import certifi
+    except ImportError:
+        return ssl.create_default_context()
+    ssl.create_default_context(cafile=certifi.where())
diff --git a/src/httpx/_pool.py b/src/httpx/_pool.py
index 5c92eac..50c9ab5 100644
--- a/src/httpx/_pool.py
+++ b/src/httpx/_pool.py
@@ -156,8 +156,7 @@ def open_connection_pool(
     backend: NetworkBackend | None = None
 ) -> ConnectionPool:
     if ssl_context is None:
-        import truststore
-        ssl_context = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+        ssl_context = create_default_context()
     if backend is None:
         backend = NetworkBackend()
 
@@ -343,8 +342,15 @@ def open_connection(
     stream = backend.connect(host, port)
     if url.scheme == "https":
         if ssl_context is None:
-            import truststore
-            ssl_context = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+            ssl_context = create_default_context()
         stream.start_tls(ssl_context, hostname=hostname)
 
     return Connection(stream, url)
+
+
+def create_default_context() -> ssl.SSLContext:
+    try:
+        import certifi
+    except ImportError:
+        return ssl.create_default_context()
+    ssl.create_default_context(cafile=certifi.where())

From dad83bdc5e0588399eb34faa61da7570fd4e070e Mon Sep 17 00:00:00 2001
From: Tom Christie <tom@tomchristie.com>
Date: Tue, 3 Jun 2025 10:13:01 +0100
Subject: [PATCH 2/3] Drop releases

---
 docs/releases/index.md | 14 --------------
 1 file changed, 14 deletions(-)
 delete mode 100644 docs/releases/index.md

diff --git a/docs/releases/index.md b/docs/releases/index.md
deleted file mode 100644
index 0b93dfd..0000000
--- a/docs/releases/index.md
+++ /dev/null
@@ -1,14 +0,0 @@
-<p align="center">
-  <img width="350" height="208" src="https://raw.githubusercontent.com/encode/httpx/master/docs/img/butterfly.png" alt='HTTPX'>
-</p>
-
-<p align="center"><em>HTTPX 1.0 Design Proposal — Releases.</em></p>
-
----
-
-* [httpx-2025-05-27.zip]()
-* [ahttpx-2025-05-27.zip]()
-
----
-
-<p align="center"><i>This provisional design work is <a href="https://www.encode.io/httpnext/about">not currently licensed</a> for reuse.</i><br/>&mdash; 🦋 &mdash;</p>

From 924ccf8da360573d63729ac4385a026aa1e91a5a Mon Sep 17 00:00:00 2001
From: Tom Christie <tom@tomchristie.com>
Date: Wed, 4 Jun 2025 14:21:15 +0100
Subject: [PATCH 3/3] Update README/homepage re. truststore

---
 README.md     | 2 +-
 docs/index.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 7d3d9dd..e334324 100644
--- a/README.md
+++ b/README.md
@@ -19,7 +19,7 @@ This work presents a significantly simplified implementation of `httpx`.
 * Seriously, a [radically simplified implementation](https://github.com/encode/httpnext/blob/main/src/httpx/_client.py). While still fulfiling the same set of functionality.
 * A consistent & tightly typed set of HTTP components, with immutability throughout. Includes URLs, Query Parameters, Headers, Form & File interfaces, all of which are suitable for either client side or server side codebases.
 * A re-engineered [connection pool implementation](https://github.com/encode/httpnext/blob/main/src/httpx/_pool.py), with tighter more obvious concurrency handling.
-* The core networking component is simple enough to be directly included. There is no `httpx`/`httpcore` split, and the only hard dependencies here are `h11` and `truststore`.
+* The core networking component is simple enough to be directly included. The only hard dependency here is `h11`.
 * Seperately namespaced packages for `ahttpx` and `httpx`.
 
 There is also preliminary work ongoing for httpx *for both client-side and server-side usage*.
diff --git a/docs/index.md b/docs/index.md
index 6d7accd..d334f90 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -22,7 +22,7 @@ This work insteads presents a significantly simplified implementation of `httpx`
 * Preliminary work for httpx to support both client-side and server-side usages.
 
 * A re-engineered [connection pool implementation](https://github.com/encode/httpx-insiders/blob/main/src/httpx/_pool.py), with tighter more obvious concurrency handling.
-* The core networking component is simple enough to be directly included. The only hard dependencies here are `h11` and `truststore`.
+* The core networking component is simple enough to be directly included. The only hard dependency here is `h11`.
 * Seperately namespaced packages for `ahttpx` and `httpx`.
 
 There is also preliminary work ongoing for httpx *for both client-side and server-side usage*.