From be9c6426115a358d5b640ff3cc7cbf541eb9c462 Mon Sep 17 00:00:00 2001
From: Marek Grzenkowicz <chopeen@gmail.com>
Date: Thu, 18 May 2023 16:32:58 +0200
Subject: [PATCH] docs: document how to configure OS cert store for Python
 (#22299)

---
 docs/usage/examples/self-hosting.md | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/docs/usage/examples/self-hosting.md b/docs/usage/examples/self-hosting.md
index da518adb0e81f1..1e6e997f6c8af5 100644
--- a/docs/usage/examples/self-hosting.md
+++ b/docs/usage/examples/self-hosting.md
@@ -437,6 +437,14 @@ RUN update-ca-certificates
 # Change back to the Ubuntu user
 USER 1000
 
-# Node comes with an own certificate authority store and thus needs to trust the self-signed certificate explicitly
+# Some tools come with their own certificate authority stores and thus need to trust the self-signed certificate or the entire OS store explicitly.
+# This list is _not_ comprehensive and other tools may require further configuration.
+#
+# Node
 ENV NODE_EXTRA_CA_CERTS=/usr/local/share/ca-certificates/self-signed-certificate.crt
+# Python
+RUN pip config set global.cert /etc/ssl/certs/ca-certificates.crt
+ENV REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
+# OpenSSL
+ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
 ```