SOAP with fancy HTTPS requirements
exarkun at twistedmatrix.com
exarkun at twistedmatrix.com
Thu Jun 3 11:50:16 EDT 2010
On 03:23 pm, lists at zopyx.com wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Hi there,
>
>I need to implement the following:
>
>sending SOAP requests and receiving SOAP responses
>over HTTPS with
>
>- authentication based on client-certificates _and_ basic authorization
>- verification of the server cert
>
>The client cert is protected with a passphrase and there must be some
>mechanism for passing the passphrase to Python.
>
>Is there some SOAP module doing this out-of-the-box?
>
>I tried myself with httplib.HTTPSConnection what I could not find a way
>passing the passphrase to the HTTPSConnection..Python always pops up
>with an input for the passphrase (likely this is coming from OpenSSL).
>
>Any ideas?
You'll find this easier with one of the third-party SSL libraries, like
M2Crypto or pyOpenSSL. The stdlib SSL support is fairly minimal. For
example, I *don't* see any support for passphrase-protected private keys
in the Python 2.6 SSL APIs. Compare this to the pyOpenSSL API
load_privatekey, which accepts the passphrase as an argument:
http://packages.python.org/pyOpenSSL/openssl-crypto.html
Or lets you specify a callback which will be called whenever a
passphrase is required, set_passwd_cb:
http://packages.python.org/pyOpenSSL/openssl-context.html
Jean-Paul
More information about the Python-list
mailing list