Using HTTPSConnection and verifying server's CRT
Ng Pheng Siong
ngps at netmemetic.com
Tue Feb 1 17:04:50 EST 2005
According to Marc Poulhiès <marc.poulhies at NO-SP44Mepfl.ch>:
> Btw, thanks for your answer (this will save me from using Perl!)
You're welcome.
> ## what are the diff between these two??
> #ctx.load_verify_info(cafile="/tmp/ca.crt")
> ctx.load_verify_locations(cafile="/tmp/ca.crt")
None. One is an alias for the other, to adhere to OpenSSL's naming
convention.
> $ ./ssl_peer_verif.py
> Enter passphrase:
> send: 'GET / HTTP/1.1\r\nHost:
> my.ssl.server.domain:443\r\nAccept-Encoding: identity\r\n\r\n'
> reply: 'HTTP/1.1 200 OK\r\n'
> header: Date: Tue, 01 Feb 2005 08:41:51 GMT
> header: Server: Apache/2.0.46 (Red Hat)
> header: Last-Modified: Mon, 31 Jan 2005 14:50:50 GMT
> header: ETag: "4297-13-24658680"
> header: Accept-Ranges: bytes
> header: Content-Length: 19
> header: Connection: close
> header: Content-Type: text/html; charset=UTF-8
> THIS IS WORKING =)
Excellent! ;-)
--
Ng Pheng Siong <ngps at netmemetic.com>
http://sandbox.rulemaker.net/ngps -+- M2Crypto, ZServerSSL for Zope, Blog
http://www.sqlcrypt.com -+- Database Engine with Transparent AES Encryption
More information about the Python-list
mailing list