Localhost client-server simple ssl socket test program problems
Yang Chun-Kai
waitmeforever at hotmail.com
Thu Dec 15 15:09:14 EST 2011
Thanks for tips.
But I dont understand one thing is if Python's SSL lib doesn't support encrypted private keys for sockets.
Then why should we "encrypt" the private key with "openssl rsa -in /etc/home/ckyang/PHA/testsslsocket/mypha.key -out
/etc/home/ckyang/PHA/testsslsocket/mypha-nopasswd.key" again?
Shouldn't that be decrypted?
And also this solution is not the right one, I use mypha-nopasswd.key replace the original one, still not work.
So sad.
But thanks. ^ ^
Kay
> To: python-list at python.org
> From: lists at cheimes.de
> Subject: Re: Localhost client-server simple ssl socket test program problems
> Date: Thu, 15 Dec 2011 20:45:43 +0100
>
> Am 15.12.2011 20:09, schrieb Yang Chun-Kai:
> > Server side error:
> >
> > File "views.py", line 17, in <module>
> > connstream = ssl.wrap_socket(newsocket, server_side=True,
> > certfile="/etc/home/ckyang/PHA/testsslsocket/mypha.crt",
> > keyfile="/etc/home/ckyang/PHA/testsslsocket/mypha.key",
> > ssl_version=ssl.PROTOCOL_SSLv23)
> > File "/usr/lib/python2.7/ssl.py", line 344, in wrap_socket
> > ciphers=ciphers)
> > File "/usr/lib/python2.7/ssl.py", line 119, in __init__
> > ciphers)
> > ssl.SSLError: [Errno 336265218] _ssl..c:347: error:140B0002:SSL
> > routines:SSL_CTX_use_PrivateKey_file:system lib
>
> This error is most likely caused by an encrypted private key. Python's
> SSL lib doesn't support encrypted private keys for sockets. You can
> encrypt the private key with
>
> openssl rsa -in /etc/home/ckyang/PHA/testsslsocket/mypha.key -out
> /etc/home/ckyang/PHA/testsslsocket/mypha-nopasswd.key
>
> Christian
>
>
> --
> http://mail.python.org/mailman/listinfo/python-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20111216/beb6106a/attachment-0001.html>
More information about the Python-list
mailing list