Proxy settings for pip can be specified via the --proxy command line option or in the global configuration file (that is $HOME/.config/pip/pip.conf in Unix, $HOME/Library/Application Support/pip/pip.conf in OS X, %APPDATA%\pip\pip.ini in Windows).

[global]
proxy = [proxy server url]

However, while a custom root certificate file can be passed with the --cert command line option, there does not seem to be a way to specify a custom root certificate in the configuration file.

Specifying cert = [path to cert file] in the above global configuration does not seem to be taken into account, unlike the command line option.

How can we globally set up pip to use a certain certificate file?

we're behind a proxy and need the cert too. Make sure the cert file is in a place that cmd and pip (windows) would have access to. My cert is just called b.pem

I created the folder (which didn't exist already) called:

C:\Users\<username>\appdata\Roaming\pip

and added the file pip.ini to it to that folder. then in pip.ini

[global]
cert = C:\users\<username>\b.pem

I also just tested adding the the pip.ini file to:

C:\Users\<username>\pip

which, by the way, was a folder that was already created -- and this works too. Might want to give both a shot and see which works. Also, sounds dumb but make sure your path in pip.ini is correct. I had a typo the first time i did this and it drove me insane for a bit haha. good luck !