HTTPSConnection Problems

[Ng Pheng Siong]

According to John Glista <jsplice at hotmail.com>:
> However, I'm having problems with the
> server I'm trying to connect to.  It is a Novell Bordermanager server
> that tunnels all Internet traffic here at my college.  When first
> accessing the web through mozilla, the Bordermanager server doesn't
> see you as being authenticated, so it redirects you to a web login
> page.  

Ho ho, a clone of the idiotic Cisco cut-thru proxy.

> Utlimately what I would like to do is have my python script
> submit the CGI form with my username and password so I don't have to
> type this in everytime.  However, I'm having problems using the
> HTTPSConnection class to connect to it.  If I don't give it a key and
> cert file i get the following error: socket.error: (104, 'Connection
> reset by peer')....so it appears the sever doesn't want  me to
> connect.  I did a port scan on the server to ensure that it was using
> the default https port, and it is.  

Who is the 'peer' here? It may be your Bordermanager proxy.

This is my guess: the Bordermanager sends an "authentication required"
response to your program and httplib is thus asking you for the cert and
key. Read the source, use a desktop proxy, etc. to determine if this is
indeed so.

> What I don't understand is why the
> HTTPSConnection is asking for a private key.  The private key resides
> on the server; clients do not have access to this.  

You're talking about the server's key and certificate. There are also
*client* keys and certificates: A server may demand a client produces a
certificate and demonstrates possession of the corresponding private key as
a means of authentication and authorisation.

My ZServerSSL, e.g., accepts client certificates in lieu of passwords for
authentication.


-- 
Ng Pheng Siong <ngps at netmemetic.com> 

http://firewall.rulemaker.net -+- Firewall Change Management & Version Control
http://sandbox.rulemaker.net/ngps -+- Open Source Python Crypto & SSL