John J. Lee
jjl at pobox.com
Sat Feb 7 01:58:59 CET 2004
ngps at netmemetic.com (Ng Pheng Siong) writes:
> According to John Glista <jsplice at hotmail.com>:
> > What I don't understand is why the
> > HTTPSConnection is asking for a private key. The private key resides
> > on the server; clients do not have access to this.
> You're talking about the server's key and certificate. There are also
> *client* keys and certificates: A server may demand a client produces a
> certificate and demonstrates possession of the corresponding private key as
> a means of authentication and authorisation.
That's exactly what the key and cert are for in httplib. There is no
support for server auth.
I got this backwards too, until Martin v. Loewis set me straight.
More information about the Python-list