ssl server: how to disable client cert verfication?
Grant Edwards
grant.b.edwards at gmail.com
Fri Feb 4 14:42:16 EST 2022
On 2022-02-04, Barry <barry at barrys-emacs.org> wrote:
>>
>>> What you're doing is a little unusual, so my first thought would be to
>>> subclass Context and override whatever method does the checks.
>>
>> I've done a dir() on the Context object, and I don't see anything that
>> looks like a method to do the checks. I suspect that the Context
>> object doesn't actually _do_ anything, it just hold a reference to an
>> underlying openssl context object and allow to to change its
>> configuration values.
>
> We started with the OpenSSL api and looked see what it provided.
> Then looked for how to access that from python.
Right. I now suspect this is something missing from the oponssl server
side library code. It's trivial to do the same thing from the client
side (ignore the validity of the server certificate).
--
Grant
More information about the Python-list
mailing list