Localhost client-server simple ssl socket test program problems
Christian Heimes
lists at cheimes.de
Thu Dec 15 15:19:14 EST 2011
Am 15.12.2011 21:09, schrieb Yang Chun-Kai:
> Thanks for tips.
>
> But I dont understand one thing is if Python's SSL lib doesn't support
> encrypted private keys for sockets.
>
> Then why should we "encrypt" the private key with "openssl rsa -in
> /etc/home/ckyang/PHA/testsslsocket/mypha.key -out
>
> /etc/home/ckyang/PHA/testsslsocket/mypha-nopasswd.key" again?
>
> Shouldn't that be decrypted?
>
> And also this solution is not the right one , I use mypha-nopasswd.key
> replace the original one, still not work.
IIRC the command should decrypt the key. Did it prompt for a password?
The error could be caused by other issues. For example the key and cert
must be in PEM Format. The PKS#12 isn't supported. I'm not sure if
Python's builtin SSL module loads DER certs.
You may also missing a valid CA cert chain. Python 2.x's SSL module
doesn't support cert directories so you have to provide a chain file.
The certs in the chain file must be in the right order, too.
Christian
More information about the Python-list
mailing list