M2Crypto: How to check server certificate?
Hallvard B Furuseth (nospam nospam)
h.b.furuseth at usit.uio.no
Wed Jul 9 09:57:01 EDT 2003
Ng Pheng Siong wrote:
>According to Hallvard B Furuseth <h.b.furuseth(nospam)@usit.uio(nospam).no>:
>> Does anyone know how I check the server certificate with M2Crypto?
>> Currently a program I have inherited does this:
>
> Specify an SSL context:
Thank you.
> from M2Crypto import SSL
> from M2Crypto.m2xmlrpclib import Server, SSL_Transport
>
> # Server is Zope-2.6.1 on ZServerSSL/0.12.
> ctx = SSL.Context('sslv3')
> ctx.load_cert_chain('client.pem')
I think I can drop that when I have ca.pem...
> ctx.load_verify_locations('ca.pem')
Should be load_verify_location.
Heh. That failed - correctly - because our test CA certificate is
expired.
> ctx.set_verify(SSL.verify_peer, 10)
What does 10 mean? I can see from the function declaration that it is
depth, but I don't know what depth is.
--
Hallvard
More information about the Python-list
mailing list