Hello! My organization uses an internal network for some of our business processes, and many pages are secured with SSL/TLS certificates! We have an openAI compatible API that I’m trying to configure, however it requires a specific Certificate Authority bundle to verify the connection.

I wasn’t sure if it would be difficult to add in support for additional arguments/config keywords that get passed to the connection client, including custom CA bundles, ssl_verify arguments, etc.


As is right now, i think Marimo uses the OpenAI python package which itself uses httpx under the hood to build the connection. Httpx does support a specific argument for a ca bundle! As is, without being able to specify that bundle I get an error:

httpcore.ConnectError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed, unable to get local issuer certificate. (_ssl.c:1007)

My proposed solution would be allowing additional arguments in the config toml for ssl_verify and caBundlePath which would be passed to the appropriate OpenAI client creation segment in the code.