Move certifi to an optional dependency

Describe the bug: …

https://github.com/elastic/apm-agent-python lists the license as BSD-3-Clause. However https://pypi.org/project/liccheck/ reports that it pulls in certifi which has an MPL license:

1 package.
    certifi (2020.6.20): ['Mozilla Public License 2.0 (MPL 2.0)', 'MPL-2.0']
      dependency:
          certifi << elastic-apm

My understanding of the MPL is that it is a copy-left license, which means it should have to appear in the larger work’s license notification. If that’s the case, that’s also problematic for us since the agent has to be built into the source code, and we can’t have copy left licenses like GPL/LGPL in there.

To Reproduce

1. create a requirements.txt file with nothing but elastic-apm[flask] in it
2. create an authorized-licenses.ini file that allows MIT and BSD licenses:

[Licenses]
authorized_licenses:
  mit
  bsd

unauthorized_licenses:

[Authorized Packages]

1. create a simple Dockerfile:

FROM amazonlinux:2018.03

RUN yum update -y && \
    yum install -y python27 python27-devel.x86_64 && \
    yum install -y wget && \
    wget https://bootstrap.pypa.io/get-pip.py && \
    python27 get-pip.py && \
    pip install liccheck && \
    pip install elastic-apm[flask]

COPY ./ ./

RUN liccheck -s authorized-licenses.ini -r requirements.txt -l Paranoid

1. Run Docker build:

docker build .

Result:

gathering licenses...
5 packages and dependencies.
check authorized packages...
4 packages.
check unknown packages...
1 package.
    certifi (2020.6.20): ['Mozilla Public License 2.0 (MPL 2.0)', 'MPL-2.0']
      dependency:
          certifi << elastic-apm
The command '/bin/sh -c liccheck -s authorized-licenses.ini -r requirements.txt -l Paranoid' returned a non-zero code: 255

Environment (please complete the following information)

• OS: Linux
• Python version: 2.7
• Framework and version [e.g. Django 2.1]: Flask
• APM Server version:
• Agent version:

Additional context

• requirements.txt:

  Click to expand

  elastic-apm[flask]