Localhost client-server simple ssl socket test program problems
Yang Chun-Kai
waitmeforever at hotmail.com
Thu Dec 15 15:58:01 EST 2011
Hello~
Thanks for your fast reply.
No, it doesn't ask for password, just a single line with "writing RSA kay", then mypha-nopasswd.key appeared.
If my key is not in PEM Format, can openssl with simple commands to switch it to?
Or I should re-do the self-signed process with some certain key-words / parameters?
And what you mean about Python 2.x's SSL module doesn't support cert directories ?
Can you be more specific about that ^^.
Do you mean parameters with certfile and keyfile those two should put together or CA certificate need to be chained with other CA?
Thanks.
Kay
> To: python-list at python.org
> From: lists at cheimes.de
> Subject: Re: Localhost client-server simple ssl socket test program problems
> Date: Thu, 15 Dec 2011 21:19:14 +0100
>
> Am 15.12.2011 21:09, schrieb Yang Chun-Kai:
> > Thanks for tips.
> >
> > But I dont understand one thing is if Python's SSL lib doesn't support
> > encrypted private keys for sockets.
> >
> > Then why should we "encrypt" the private key with "openssl rsa -in
> > /etc/home/ckyang/PHA/testsslsocket/mypha.key -out
> >
> > /etc/home/ckyang/PHA/testsslsocket/mypha-nopasswd.key" again?
> >
> > Shouldn't that be decrypted?
> >
> > And also this solution is not the right one , I use mypha-nopasswd.key
> > replace the original one, still not work.
>
> IIRC the command should decrypt the key. Did it prompt for a password?
>
> The error could be caused by other issues. For example the key and cert
> must be in PEM Format. The PKS#12 isn't supported. I'm not sure if
> Python's builtin SSL module loads DER certs.
>
> You may also missing a valid CA cert chain. Python 2.x's SSL module
> doesn't support cert directories so you have to provide a chain file.
> The certs in the chain file must be in the right order, too.
>
> Christian
>
> --
> http://mail.python.org/mailman/listinfo/python-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20111216/2b47b4a3/attachment-0001.html>
More information about the Python-list
mailing list