m2crypto loading cert file from memory buffer

Heikki Toivonen hjtoi-better-remove-when_replying at comcast.net
Sat Dec 6 06:05:00 CET 2008


netpork wrote:
> ctx = SSL.Context('sslv3')
> ctx.load_cert_chain('client.pem')
> 
> anyone knows a way of loading cert file from memory buffer and not
> from a file?

Yeah, see for example how I did it for Chandler:
http://svn.osafoundation.org/chandler/trunk/chandler/parcels/osaf/framework/certstore/ssl.py
(the loadCertificatesToContext function). You just need an SSL.Context,
get_cert_store() from it, and call the store's add_x509() for each cert.

> i just do not want to have my cert file in the directory of my app
> that anyone can get.

Typically certificates are public, for example all of your peers will
get the certificate anyway, so I don't see this as a problem. Your
private key is what you want to protect. Just make sure it is not
concatenated to your certificate file and there would probably be no
problem leaving the cert file publicly available.

-- 
  Heikki Toivonen - http://heikkitoivonen.net/blog/



More information about the Python-list mailing list