fix(cadastre): NSPDBulkClient verify=False for NSPD self-signed CA chain (#168) #175

Merged
lekss361 merged 1 commit from fix/nspd-bulk-client-ssl into main 2026-05-15 11:50:21 +00:00

1 commit

Author SHA1 Message Date
lekss361
5785fc3ad7 fix(cadastre): NSPDBulkClient verify=False for NSPD SSL chain (#168 hotfix)
Pilot run #1 failed on all 50 quarters with:
  NspdBulkError: [SSL: CERTIFICATE_VERIFY_FAILED] self-signed certificate
  in certificate chain

NSPD prod chain on Beget VPS contains an internal/self-signed CA →
httpx default verify=True trips. Reuse pattern from legacy
app.services.scrapers.nspd_lite (uses ssl._create_unverified_context()
for same reason since April 2026).

Risk profile: NSPD public gov data, no sensitive payload outbound,
admin token не уходит к NSPD endpoints. MITM risk minimal.
2026-05-15 14:47:28 +03:00