uv constantly warns about empty `SSL_CERT_DIR`

[JanSellner]

Summary

With the 0.11.X release of uv, there are constant warnings about an empty SSL_CERT_DIR.

Reproduce with conda:

1. conda create -n uv_bug python=3.14 -y
2. conda activate uv_bug
3. pip install "uv>=0.11"
4. uv pip install numpy

This will yield: warning: Ignoring SSL_CERT_DIR. No certificates found in: which will also show up with other uv commands.

The problem is that conda by default creates an activation script for openssl in the environment (e.g., in %userprofile%\miniforge3\envs\pref\etc\conda\activate.d) with the following content:

if (-not $Env:SSL_CERT_FILE) {
    $Env:SSL_CERT_FILE = "$Env:CONDA_PREFIX\Library\ssl\cacert.pem"
    $Env:__CONDA_OPENSSL_CERT_FILE_SET = "1"
}
if (-not $Env:SSL_CERT_DIR) {
    $Env:SSL_CERT_DIR = "$Env:CONDA_PREFIX\Library\ssl\certs"
    $Env:__CONDA_OPENSSL_CERT_DIR_SET = "1"
}

By default, $Env:CONDA_PREFIX\Library\ssl\cacert.pem points to an existing file but $Env:CONDA_PREFIX\Library\ssl\certs is empty (strictly speaking it only contains a .keep file). The latter is causing the warning message. One could argue that conda should not point SSL_CERT_DIR to an empty directory but I also think that uv should not warn about this if SSL_CERT_FILE points already to an existing file.

uv 0.10.X did not have this warning. Unfortunately, this warning is emitted with every uv command.

Platform

Windows 11

Version

0.11.6

Python version

3.14.4

[zanieb]

Can you please open and link to an upstream issue so that they're aware this is problematic?

From a read of that activation code, it looks like if you set SSL_CERT_DIR="" it should silence the warning.

It seems reasonable to reduce the verbosity of our warning here, but there will be a cost for people who are intentionally using SSL_CERT_DIR and need to understand why their certificates are not being respected.