M2Crypto: How to check server certificate?
Ng Pheng Siong
ngps at netmemetic.com
Sun Jul 6 22:11:47 EDT 2003
According to Hallvard B Furuseth <h.b.furuseth(nospam)@usit.uio(nospam).no>:
> Does anyone know how I check the server certificate with M2Crypto?
> Currently a program I have inherited does this:
>
> #!/local/bin/python2.2
> import xmlrpclib
> from M2Crypto.m2xmlrpclib import Server, SSL_Transport
> svr = Server('http://my.machine.no:8000',
> SSL_Transport(), encoding='iso8859-1')
> # TODO: check server certificate
> secret = svr.login('myuser', 'mypassword')
Specify an SSL context:
from M2Crypto import SSL
from M2Crypto.m2xmlrpclib import Server, SSL_Transport
# Server is Zope-2.6.1 on ZServerSSL/0.12.
ctx = SSL.Context('sslv3')
ctx.load_cert_chain('client.pem')
ctx.load_verify_locations('ca.pem')
ctx.set_verify(SSL.verify_peer, 10)
zs = Server('https://127.0.0.1:9443/', SSL_Transport(ctx))
print zs.propertyMap()
My to-be-released ZServerSSL 0.12 does client certs, too, including mapping
from a subject DN to a Zope username. The above snippet was written to test
that.
--
Ng Pheng Siong <ngps at netmemetic.com>
http://firewall.rulemaker.net -+- Manage Your Firewall Rulebase Changes
http://www.post1.com/home/ngps -+- Open Source Python Crypto & SSL
More information about the Python-list
mailing list