472,342 Members | 1,320 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,342 software developers and data experts.

https client certificate validation

Hello All,
I work for the State of Wisconsin and we are trying to
build a reference implementation using python. Our
goals are this:

1) establish an HTTPS connection between our client
and ourselves

2) exchange client and server certificates to perform
mutual authentication

We only need to write the client in python. The
client should check the server certificate, verify
that the date range and common name are valid. Then
it should confirm that the server certificate is valid
according to a Certificate Revocation List.

After writing a basic script using HTTPSConnection, I
found this in the docs:

Warning: This does not do any certificate

I then tried to do the same using twisted, m2crypto
and a few other projects.

I am really hitting a wall here. Can anyone point me
in the right direction? I have a client cert, private
key and url I am trying to hit. How can I fulfill the
requirements I have above using python? I have done
most of this in Java, but we would prefer a python
implementation to distribute.

Yogesh Chawla
Oct 24 '06 #1
1 3351
Yogesh Chawla - PD wrote:
After writing a basic script using HTTPSConnection, I
found this in the docs:

Warning: This does not do any certificate
Right, for production you use almost certainly need to use some 3rd
party SSL library, of which there are several.
I then tried to do the same using twisted, m2crypto
and a few other projects.
M2Crypto does support client certificate validation, so I am a bit at a
loss what problem you are facing. There is even a unit test that does
mutual authentication:

Heikki Toivonen
Oct 25 '06 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

by: Aung | last post by:
Has anybody develop RFC1950 and RFC1951 compliant Zip utility? Any pointer will be appreciated.
by: Ira Lee | last post by:
Hi. I'm having a bit of trouble using a Perl script that will login to a secure website... and then access subsequent pages with a cookie. This...
by: John Xu | last post by:
I have a question regarding https and SSL between two web sites. I am not quit understand how asp application can handle https, encryption and SSL....
by: MarkAurit | last post by:
I have a web service Im using on a machine via http in a dmz that works file. Im now attempting to use it in a second server, this one using https....
by: mahesh anasuri | last post by:
Hi all, I am new to this mailing list. Thankful if any one is using curl/linux version to and worked on Https. I have created certificates...
by: david | last post by:
I have developed web forms including login by using ASP.NET via HTTP. Now I want to secure the connection from client to the server via HTTPS. How...
by: bkasmai | last post by:
My asp.net application (developed using vs2003) runs fine on a windows 2000 server using iis 5.0. Our network manager wants to do away with any...
by: Jens Mander | last post by:
Hi and sorry for the heavy crossposting (fu2 mpdf)! As you might have gotten out of the subject line, my application tries to consume a...
by: NoaGross | last post by:
Hi, I'm relly new in java and I have a problem. I'm using java applet. When using http all ok, but when trying to use https i get: Java...
by: better678 | last post by:
Question: Discuss your understanding of the Java platform. Is the statement "Java is interpreted" correct? Answer: Java is an object-oriented...
by: Kemmylinns12 | last post by:
Blockchain technology has emerged as a transformative force in the business world, offering unprecedented opportunities for innovation and...
by: CD Tom | last post by:
This only shows up in access runtime. When a user select a report from my report menu when they close the report they get a menu I've called Add-ins...
by: Naresh1 | last post by:
What is WebLogic Admin Training? WebLogic Admin Training is a specialized program designed to equip individuals with the skills and knowledge...
by: jalbright99669 | last post by:
Am having a bit of a time with URL Rewrite. I need to incorporate http to https redirect with a reverse proxy. I have the URL Rewrite rules made...
by: antdb | last post by:
Ⅰ. Advantage of AntDB: hyper-convergence + streaming processing engine In the overall architecture, a new "hyper-convergence" concept was...
by: Matthew3360 | last post by:
Hi there. I have been struggling to find out how to use a variable as my location in my header redirect function. Here is my code. ...
by: Matthew3360 | last post by:
Hi, I have a python app that i want to be able to get variables from a php page on my webserver. My python app is on my computer. How would I make it...
by: WisdomUfot | last post by:
It's an interesting question you've got about how Gmail hides the HTTP referrer when a link in an email is clicked. While I don't have the specific...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.