diff --git a/client-py3/full/src/uds/rest.py b/client-py3/full/src/uds/rest.py index 2056a974..002fb9d0 100644 --- a/client-py3/full/src/uds/rest.py +++ b/client-py3/full/src/uds/rest.py @@ -178,18 +178,24 @@ class RestApi: def _open( url: str, certErrorCallback: typing.Optional[CertCallbackType] = None ) -> typing.Any: + print('Open') ctx = ssl.create_default_context() ctx.check_hostname = False ctx.verify_mode = ssl.CERT_NONE - ctx.load_verify_locations(certifi.where()) + ctx.load_verify_locations(tools.getCaCertsFile()) hostname = urllib.parse.urlparse(url)[1] serial = '' + port = '' + if ':' in hostname: + hostname, port = hostname.split(':') + if url.startswith('https'): + port = port or '443' with ctx.wrap_socket( socket.socket(socket.AF_INET, socket.SOCK_STREAM), server_hostname=hostname ) as s: - s.connect((hostname, 443)) + s.connect((hostname, int(port))) # Get binary certificate binCert = s.getpeercert(True) if binCert: @@ -231,6 +237,7 @@ class RestApi: def getUrl( url: str, certErrorCallback: typing.Optional[CertCallbackType] = None ) -> bytes: + print(url) with RestApi._open(url, certErrorCallback) as response: resp = response.read() diff --git a/client-py3/full/src/uds/tools.py b/client-py3/full/src/uds/tools.py index f33fc8ce..587f5f13 100644 --- a/client-py3/full/src/uds/tools.py +++ b/client-py3/full/src/uds/tools.py @@ -33,12 +33,14 @@ import tempfile import string import random import os +import os.path import socket import stat import sys import time import base64 import typing +import certifi try: import psutil 
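Review bot: The new port handling in `_open` can raise before the socket is opened. For a URL that does not start with `https` and has no explicit port, `port` stays `''` and `int(port)` raises `ValueError`; `hostname.split(':')` also fails to unpack on an IPv6 literal and misreads a netloc that contains userinfo. Taking both values from the parser avoids the string handling: `parsed = urllib.parse.urlsplit(url)`, `hostname = parsed.hostname or ''`, `port = parsed.port or 443`, with the integer passed straight to the connect call; 443 keeps the previous default. Note also that this context sets `verify_mode = ssl.CERT_NONE`, so the bundle from `tools.getCaCertsFile()` is not used to verify this connection, yet a failure while loading it would still abort the call. The body of `_open` continues past the end of the hunk.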
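Review bot: `print(url)` in `getUrl`, like `print('Open')` in the `_open` hunk, is debug output left in the client, and it writes every requested URL to stdout outside the logging configuration. If those URLs carry per-session values such as tickets in the path or query (not visible in this hunk), they end up in the console or in any captured output. Drop both calls, or send them through a module logger at debug level, for example `logger.debug('GET %s', url)` if rest.py defines one.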
@@ -226,3 +228,20 @@ def verifySignature(script: bytes, signature: bytes) -> bool: # If no exception, the script was fine... return True + +def getCaCertsFile() -> str: + logger.debug('Certifi: %s', certifi.where()) + logger.debug('File: %s', __file__) + try: + if os.path.exists(certifi.where()): + logger.debug('Certifi file exists: %s', certifi.where()) + return certifi.where() + except Exception: + pass + + if 'darwin' in sys.platform: + path = __file__ + logger.debug('Certifi file: %s', path) + return path + + return '' diff --git a/client-py3/full/src/uds/tunnel.py b/client-py3/full/src/uds/tunnel.py index 7af11ae7..24069dc4 100644 --- a/client-py3/full/src/uds/tunnel.py +++ b/client-py3/full/src/uds/tunnel.py @@ -39,7 +39,7 @@ import select import typing import logging -import certifi +from . import tools HANDSHAKE_V1 = b'\x5AMGB\xA5\x01\x00' BUFFER_SIZE = 1024 * 16 # Max buffer length @@ -51,7 +51,6 @@ TUNNEL_LISTENING, TUNNEL_OPENING, TUNNEL_PROCESSING, TUNNEL_ERROR = 0, 1, 2, 3 logger = logging.getLogger(__name__) - class ForwardServer(socketserver.ThreadingTCPServer): daemon_threads = True allow_reuse_address = True @@ -118,7 +117,7 @@ class ForwardServer(socketserver.ThreadingTCPServer): # Do not "recompress" data, use only "base protocol" compression context.options |= ssl.OP_NO_COMPRESSION - context.load_verify_locations(certifi.where()) # Load certifi certificates + context.load_verify_locations(tools.getCaCertsFile()) # Load certifi certificates # If ignore remote certificate if self.check_certificate is False:
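Review bot: The fallbacks in `getCaCertsFile` return values that are not CA bundles: `__file__` (the path of tools.py itself) on darwin and `''` everywhere else. Both go unchecked into `load_verify_locations` in rest.py and in `ForwardServer` in tunnel.py, where the call is expected to raise a low-level `ssl`/`OSError` far from the real cause. The `except Exception: pass` also discards the reason certifi was unusable. Suggest failing here with a clear message and logging the cause, as sketched below; if the darwin branch was meant to locate a bundled `cacert.pem` next to the module, build that path explicitly and check it the same way. A short docstring stating that the return value must be a readable PEM bundle, and updating the now-stale `# Load certifi certificates` comment in tunnel.py, would help the callers.

```python
def getCaCertsFile() -> str:
    try:
        path = certifi.where()
    except Exception:
        # Keep the cause visible instead of swallowing it
        logger.exception('Could not locate certifi bundle')
        path = ''
    logger.debug('Certifi: %s', path)
    if path and os.path.isfile(path):
        return path
    # Do not hand ssl a path that is not a CA bundle
    raise FileNotFoundError('CA bundle not found (certifi path: {!r})'.format(path))
```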