[pyOpenSSL] Validating server certificate with CAcert
Marco da Silva
marcodasilva at gmail.com
Sat Dec 6 20:12:24 CET 2008
Hy all!
I''ve just started using OpenSSL and Python-OpenSSL in the past days for a project in my university.
I have a client-server app, and the server has a cert that is used to cypher the communication between client-server. (clients have no cert)
My question is, how can I validate the server cert with the CA cert ? I'm a bit lost with this, I already found how to do it directly with OpenSSL in the shell, but how do I do this in python-openssl?
This is my socket creation code, hope its ok.
Server Socket :
self.context = SSL.Context(SSL.SSLv3_METHOD)
self.context.use_privatekey_file('key.pem')
self.context.use_certificate_file('cert.pem')
self.server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.server = SSL.Connection(self.context, self.server)
self.server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
Client socket :
self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.ctx = SSL.Context(SSL.SSLv3_METHOD)
self.ctx.set_verify(SSL.VERIFY_NONE, verify_cb)
self.sock = SSL.Connection(self.ctx,self.sock)
self.sock.connect((self.host, self.port))
Thanks all
Marco da Silva
More information about the pyopenssl-users
mailing list