Okay, It seems the python 3.6 and later devs for macOs are complete brainless morons. Their "solution" given here:
https://github.com/python/python/blo...icates.command
is to have the user post process its python executable after installation to use symlinks to trick its ssl.c source code of its ssl module to load the certificates from certfi and then removing the true openssl certificares from where they were installed by openssl.
All of this only works if you always install openssl in the same place, and only install python in the same place - not relocatable and embedded like Sigil uses it, and of course means you then break any code signing of Sigil when you run it.
This is a complete joke for being an official solution. It simply will not work for us at all.
Not sure why Python just does not use its own internal openssl build as they do on other platforms.
It is a horrible hack and not a solution at all.
Not sure how and even if there is a fix for us that does not require the user to build and install openssl 1.1.1 on their own mac.
KevinH