SSL/TLS support in Pyro4
Robin Becker
robin at reportlab.com
Fri Aug 4 09:44:56 EDT 2017
..........
>
> Hi Robin
>
> I am not sure how this is any benefit over the self-signed root certs that I now use?
>
> Except for the fact that these are a root cert as well and don't use any CA trust chain.
> To be able to validate this cert, I have to load it as a CA cert on the validating side.
> Which isn't bad perse.
>
> I've used openssl as mentioned here to create my certs:
> https://docs.python.org/3.7/library/ssl.html#self-signed-certificates
.........Welle I was thinking perhaps you had trouble with self signed certs for
some reason. I only used CA type setup because some recipe for mongo clusters
seems to want that. I think the mariadb clusters were fine with simple self
signed certs. However, if I control the cluster can I not just distribute the
cert to all members and have them validate it against itself or does python
refuse to do that? I vaguely remember some python apis allow the authority chain
to be specified.
--
Robin Becker
More information about the Python-list
mailing list