diff --git a/0001-Don-t-create-default-SSLContext-if-CA-bundle-isn-t-p.patch b/0001-Don-t-create-default-SSLContext-if-CA-bundle-isn-t-p.patch
new file mode 100644
index 0000000000000000000000000000000000000000..14ca3a1e2fdf0ca72e99c518dc245770c2333b79
--- /dev/null
+++ b/0001-Don-t-create-default-SSLContext-if-CA-bundle-isn-t-p.patch
@@ -0,0 +1,36 @@
+From 08e863f94fe93b4b3bd2e8267234be7a23350b1d Mon Sep 17 00:00:00 2001
+From: Adam Williamson <awilliam@redhat.com>
+Date: Thu, 1 Aug 2024 12:58:38 -0700
+Subject: [PATCH] Don't create default SSLContext if CA bundle isn't present
+
+Similar to e18879932287c2bf4bcee4ddf6ccb8a69b6fc656 , this also
+skips creation of the default SSLContext on FileNotFoundError,
+which is raised if DEFAULT_CA_BUNDLE_PATH does not exist.
+
+See: https://bugzilla.redhat.com/show_bug.cgi?id=2297632
+
+Signed-off-by: Adam Williamson <awilliam@redhat.com>
+---
+ src/requests/adapters.py | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/requests/adapters.py b/src/requests/adapters.py
+index 9a58b160..fb151a95 100644
+--- a/src/requests/adapters.py
++++ b/src/requests/adapters.py
+@@ -81,9 +81,10 @@ try:
+     _preloaded_ssl_context.load_verify_locations(
+         extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH)
+     )
+-except ImportError:
++except (ImportError, FileNotFoundError):
+     # Bypass default SSLContext creation when Python
+-    # interpreter isn't built with the ssl module.
++    # interpreter isn't built with the ssl module, or
++    # DEFAULT_CA_BUNDLE_PATH isn't present
+     _preloaded_ssl_context = None
+ 
+ 
+-- 
+2.45.2
+
diff --git a/python-requests.spec b/python-requests.spec
index c67774e59cb8b3d745715670e732721b792f92a6..a464c9a47c573c70fa2fbb827b8705dbb7c3a915 100644
--- a/python-requests.spec
+++ b/python-requests.spec
@@ -1,17 +1,18 @@
-%define anolis_release 2
+%define anolis_release		3
 %bcond_with tests
 
 
 Name:           python-requests
-Version:        2.32.3
+Version:	2.32.3
 Release:        %{anolis_release}%{dist}
 Summary:        HTTP library, written in Python, for human beings
 
 License:        ASL 2.0
 URL:            https://pypi.io/project/requests
-Source0:        https://github.com/psf/requests/releases/download/v%{version}/requests-%{version}.tar.gz
+Source0:	https://github.com/requests/requests/archive/v2.32.3/requests-v2.32.3.tar.gz
 
 Patch1: 1-bugfix-for-CVE-2024-47081.patch
+Patch2:	0001-Don-t-create-default-SSLContext-if-CA-bundle-isn-t-p.patch
 BuildArch:      noarch
 
 %description
@@ -33,6 +34,10 @@ BuildRequires:  python3dist(pytest)
 BuildRequires:  python3dist(pytest-httpbin)
 BuildRequires:  python3dist(pytest-mock)
 BuildRequires:  python3dist(trustme)
+BuildRequires: python3dist(pytest)
+BuildRequires: python3dist(pytest-httpbin)
+BuildRequires: python3dist(pytest-mock)
+BuildRequires: python3dist(trustme)
 %endif
 
 
@@ -89,6 +94,8 @@ sed -i 's/ --doctest-modules//' pyproject.toml
 %doc README.md HISTORY.md
 
 %changelog
+* Mon Nov 17 2025 wenyuzifang <lzx02244079@alibaba-inc.com> - 2.32.3-3
+- Prevent startup failures by gracefully handling missing CA bundle files
 * Thu Jul 03 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 2.32.3-2
 - Fix CVE-2024-47081
 
diff --git a/requests-v2.32.3.tar.gz b/requests-v2.32.3.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..536511fa0b257242215cfaaa1c5bdb9368d99518
Binary files /dev/null and b/requests-v2.32.3.tar.gz differ