According to Hallvard B Furuseth <h.b.furuseth(n ospam)@usit.uio (nospam).no>:
Does anyone know how I check the server certificate with M2Crypto?
Currently a program I have inherited does this:
#!/local/bin/python2.2
import xmlrpclib
from M2Crypto.m2xmlr pclib import Server, SSL_Transport
svr = Server('http://my.machine.no:8 000',
SSL_Transport() , encoding='iso88 59-1')
# TODO: check server certificate
secret = svr.login('myus er', 'mypassword')
Specify an SSL context:
from M2Crypto import SSL
from M2Crypto.m2xmlr pclib import Server, SSL_Transport
# Server is Zope-2.6.1 on ZServerSSL/0.12.
ctx = SSL.Context('ss lv3')
ctx.load_cert_c hain('client.pe m')
ctx.load_verify _locations('ca. pem')
ctx.set_verify( SSL.verify_peer , 10)
zs = Server('https://127.0.0.1:9443/', SSL_Transport(c tx))
print zs.propertyMap( )
My to-be-released ZServerSSL 0.12 does client certs, too, including mapping
from a subject DN to a Zope username. The above snippet was written to test
that.
--
Ng Pheng Siong <ng**@netmemeti c.com>
http://firewall.rulemaker.net -+- Manage Your Firewall Rulebase Changes
http://www.post1.com/home/ngps -+- Open Source Python Crypto & SSL