HTTPS client certificates (was Re: Twill question) (fwd)
John J Lee
jjl at pobox.com
Sat May 27 10:37:20 EDT 2006
Just forwarding this in case anybody here can shed light on this --
urllib's support for SSL client certificates didn't work for me, and I'm
wondering if it works for anybody else...
John
---------- Forwarded message ----------
Date: Sat, 27 May 2006 14:33:03 +0000 (UTC)
From: John J Lee <jjl at pobox.com>
To: Wayne Wang <ytwgq at sbcglobal.net>, twill at lists.idyll.org
Subject: HTTPS client certificates (was Re: Twill question)
On Fri, 26 May 2006, Wayne Wang wrote:
[...wants https client auth...]
OK, I added the necessary boilerplate to mechanize (haven't committed yet), but
the basic support for this that comes with Python didn't work for me on a local
test server I set up, so I couldn't get it working with mechanize either.
Wayne, and anybody else who uses client certificates and is inclined to help
out: could you try running this script, after replacing HTTPS_URL with a URL on
the secure site you're trying to access, and KEY_FILE and CERT_FILE with the
full filenames where you keep those?
I'm afraid you have to convert the p12 file into separate PEM-format key and
cert files using e.g. OpenSSL:
openssl pkcs12 -clcerts -nokeys -in cert.p12 -out cert.pem
openssl pkcs12 -nocerts -in cert.p12 -out key.pem
HTTPS_URL = "https://example.com:443/restricted/foo.html"
KEY_FILE = r"c:\blah\blah\key.pem"
CERT_FILE = r"c:\blah\blah\cert.pem"
import urllib
urllib.URLopener(key_file=KEY_FILE,
cert_file=CERT_FILE,
)
r = urllib.urlopen()
print r.read()
John
More information about the Python-list
mailing list