Python & SSL

James Stroud jstroud at ucla.edu
Wed May 3 16:52:20 EDT 2006 

John J. Lee wrote:
> James Stroud <jstroud at ucla.edu> writes:
> 
> 
>>I have been trying to make an https client with python, but it seems 
> 
> 
> What exactly do you mean by "make an https client"?

Something that can communicate with an https server. Fetch web pages, 
send POST and GET information securely.

>>that, to do this, one needs to have the socket module compiled with ssl. 
>>This is not the default. So I have a couple of questions.
>>
>>       1. Where do I specify to compile socket with ssl? I found no
>>          obvious option in configure or setup.py or several other
>>          files I checked.
> 
> 
> What OS are you on?

Linux FC 4 with my self-compiled versions of just about everything.

> 
>>       2. Is there a way to do this without re-compiling all of python?
> 
> 
> Are you sure it's NOT compiled in?  But, if it's not compiled, it's
> not compiled.

Its not compiled by default. I think I read this somewhere. I was 
thinking of compiling just the socket module rather than installing over 
my old version.

> 
>>Also, I have done numerous combinations of searches with ssl, https, & 
>>python as terms, but I haven't found a page outlining the steps to make 
>>a certificate and key that python understands. Has anyone been 
>>successful at this? Did you use openssl? I want to make sure I am doing 
>>this part correctly.
> 
> 
> Since you say "make a certificate", and mention "https client", it
> sounds like you want to authenticate yourself to an HTTP server using
> an SSL certificate?  If so, I don't believe the issue Benji raised is
> relevant (that issue is relevant for fetching HTTPS URLs rather than
> authenticating yourself to a server using an SSL certificate, I
> think).
> 
> urllib claims to have support for this in the form of the key_file and
> cert_file arguments to Urlopener constructor (UNTESTED):
> 
> import urllib
> opener = urllib.URLopener(key_file="/path/to/my_key_file",
>                           cert_file="/path/to/my_cert_file")
> response = opener.open(url)

At this point, authenticating is not an issue, though it would be nice 
to know how to do. Mainly, I want to establish a secure connection for 
2-way communication via https.

At any rate, I was able to make M2Crypto do what I wanted last night, so 
I think I'll bypass the standard library route for now.

James



-- 
James Stroud
UCLA-DOE Institute for Genomics and Proteomics
Box 951570
Los Angeles, CA 90095

http://www.jamesstroud.com/

More information about the Python-list mailing list