Adding certifi to fix SSL CA Error

[Vagoasdf]

Closes LJ-728

Description Of Changes

We were having trouble hitting Shopify subdomains recently, with the integration returning an SSL Error of an invalid CA.
We confirmed that from the server, we were able to access those endpoints, so it was a problem with Fides not getting the Certificates correctly.

This should point which certificates to use directly.

Code Changes

• Using Certifi to get the proper CA

Steps to Confirm

1. DSRs where we had problems with SSL should pass

Pre-Merge Checklist

• Issue requirements met
• All CI pipelines succeeded
• CHANGELOG.md updated
  • Add a db-migration This indicates that a change includes a database migration label to the entry if your change includes a DB migration
  • Add a high-risk This issue suggests changes that have a high-probability of breaking existing code label to the entry if your change includes a high-risk change (i.e. potential for performance impact or unexpected regression) that should be flagged
  • Updates unreleased work already in Changelog, no new entry necessary
• Followup issues:
  • Followup issues created
  • No followup issues
• Database migrations:
  • Ensure that your downrev is up to date with the latest revision on main
  • Ensure that your downgrade() migration is correct and works
    • If a downgrade migration is not possible for this change, please call this out in the PR description!
  • No migrations
• Documentation:
  • Documentation complete, PR opened in fidesdocs
  • Documentation issue created in fidesdocs
  • If there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
  • No documentation updates required

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
fides-privacy-center	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 12, 2025 3:58pm

1 Skipped Deployment

Name	Status	Preview	Comments	Updated (UTC)
fides-plus-nightly	⬜️ Ignored (Inspect)	Visit Preview		May 12, 2025 3:58pm

[galvana]

@Vagoasdf is there a reason we're not using the latest?

[Vagoasdf]

This one was compatible with Requests 2.32.3 which i believe is the one we are currently running (throught FastAPI)

Im not saying the latest wasn't compatible, but that this was the one that was bundled up directly, and just in case im going for the safer option in case something was changed between then and now

[galvana]

Makes sense, thanks for the explanation!

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 86.60%. Comparing base (2c90dd8) to head (65b8bd3).
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #6139   +/-   ##
=======================================
  Coverage   86.60%   86.60%           
=======================================
  Files         423      423           
  Lines       26148    26150    +2     
  Branches     2840     2840           
=======================================
+ Hits        22645    22648    +3     
  Misses       2890     2890           
+ Partials      613      612    -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[cypress]

fides    Run #12921

Run Properties:   Passed #12921  •  7014c01aa7: Adding certifi to fix SSL CA Error (#6139)

Project	fides
Branch Review	main
Run status	Passed #12921
Run duration	00m 51s
Commit	7014c01aa7: Adding certifi to fix SSL CA Error (#6139)
Committer	Bruno Gutierrez Rios
View all properties for this run ↗︎

---

Test results
Failures	0
Flaky	0
Pending	0
Skipped	0
Passing	5
View all changes introduced in this branch ↗︎