diff --git a/src/pip/_internal/__init__.py b/src/pip/_internal/__init__.py
index 04238e289ad..8c0e4c585d1 100755
--- a/src/pip/_internal/__init__.py
+++ b/src/pip/_internal/__init__.py
@@ -1,13 +1,2 @@
 #!/usr/bin/env python
-from __future__ import absolute_import
-
-import warnings
-
-# We ignore certain warnings from urllib3, since they are not relevant to pip's
-# usecases.
-from pip._vendor.urllib3.exceptions import InsecureRequestWarning
-
 import pip._internal.utils.inject_securetransport  # noqa
-
-# Raised when using --trusted-host.
-warnings.filterwarnings("ignore", category=InsecureRequestWarning)
diff --git a/src/pip/_internal/network/session.py b/src/pip/_internal/network/session.py
index 52e324ad8dc..ac6e2622fc3 100644
--- a/src/pip/_internal/network/session.py
+++ b/src/pip/_internal/network/session.py
@@ -12,6 +12,7 @@
 import os
 import platform
 import sys
+import warnings
 
 from pip._vendor import requests, six, urllib3
 from pip._vendor.cachecontrol import CacheControlAdapter
@@ -19,6 +20,7 @@
 from pip._vendor.requests.models import Response
 from pip._vendor.requests.structures import CaseInsensitiveDict
 from pip._vendor.six.moves.urllib import parse as urllib_parse
+from pip._vendor.urllib3.exceptions import InsecureRequestWarning
 
 from pip import __version__
 from pip._internal.network.auth import MultiDomainBasicAuth
@@ -48,6 +50,10 @@
 logger = logging.getLogger(__name__)
 
 
+# Ignore warning raised when using --trusted-host.
+warnings.filterwarnings("ignore", category=InsecureRequestWarning)
+
+
 SECURE_ORIGINS = [
     # protocol, hostname, port
     # Taken from Chrome's list of secure origins (See: http://bit.ly/1qrySKC)
diff --git a/src/pip/_internal/utils/inject_securetransport.py b/src/pip/_internal/utils/inject_securetransport.py
index f56731f6bf1..5b93b1d6730 100644
--- a/src/pip/_internal/utils/inject_securetransport.py
+++ b/src/pip/_internal/utils/inject_securetransport.py
@@ -7,18 +7,30 @@
 old to handle TLSv1.2.
 """
 
-try:
-    import ssl
-except ImportError:
-    pass
-else:
-    import sys
-
-    # Checks for OpenSSL 1.0.1 on MacOS
-    if sys.platform == "darwin" and ssl.OPENSSL_VERSION_NUMBER < 0x1000100f:
-        try:
-            from pip._vendor.urllib3.contrib import securetransport
-        except (ImportError, OSError):
-            pass
-        else:
-            securetransport.inject_into_urllib3()
+import sys
+
+
+def inject_securetransport():
+    # type: () -> None
+    # Only relevant on macOS
+    if sys.platform != "darwin":
+        return
+
+    try:
+        import ssl
+    except ImportError:
+        return
+
+    # Checks for OpenSSL 1.0.1
+    if ssl.OPENSSL_VERSION_NUMBER >= 0x1000100f:
+        return
+
+    try:
+        from pip._vendor.urllib3.contrib import securetransport
+    except (ImportError, OSError):
+        return
+
+    securetransport.inject_into_urllib3()
+
+
+inject_securetransport()