Is your feature request related to a problem? Please describe.

GGShield uses the Python certifi package as the source of the SSL trust store. certifi bundles its own trust store (does not use the OS trust store) and provides no means to alter this behavior.

Corporate environments regularly deploy SSL decryption / MITM security solutions for HTTPS traffic inspection which use SSL certificates signed by some authority that is not included in certifi's list (such as a private corporate CA).

Describe the solution you'd like

Make use of the Python package truststore to create an SSL context that trusts the OS trust store, hence putting control back into the customer's hands.

https://pypi.org/project/truststore/

Describe alternatives you've considered

Manual update of the embedded cacert.pem file that ships with certifi (boo).