469,284 Members | 2,508 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,284 developers. It's quick & easy.

https client certificate validation

Hello All,
I work for the State of Wisconsin and we are trying to
build a reference implementation using python. Our
goals are this:

1) establish an HTTPS connection between our client
and ourselves

2) exchange client and server certificates to perform
mutual authentication

We only need to write the client in python. The
client should check the server certificate, verify
that the date range and common name are valid. Then
it should confirm that the server certificate is valid
according to a Certificate Revocation List.

After writing a basic script using HTTPSConnection, I
found this in the docs:

Warning: This does not do any certificate
verification!

I then tried to do the same using twisted, m2crypto
and a few other projects.

I am really hitting a wall here. Can anyone point me
in the right direction? I have a client cert, private
key and url I am trying to hit. How can I fulfill the
requirements I have above using python? I have done
most of this in Java, but we would prefer a python
implementation to distribute.

Thanks,
Yogesh Chawla
Oct 24 '06 #1
1 3238
Yogesh Chawla - PD wrote:
After writing a basic script using HTTPSConnection, I
found this in the docs:

Warning: This does not do any certificate
verification!
Right, for production you use almost certainly need to use some 3rd
party SSL library, of which there are several.
I then tried to do the same using twisted, m2crypto
and a few other projects.
M2Crypto does support client certificate validation, so I am a bit at a
loss what problem you are facing. There is even a unit test that does
mutual authentication:
http://lxr.osafoundation.org/m2crypt...est_ssl.py#478

--
Heikki Toivonen
Oct 25 '06 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

10 posts views Thread by Aung | last post: by
reply views Thread by Ira Lee | last post: by
5 posts views Thread by John Xu | last post: by
2 posts views Thread by MarkAurit | last post: by
14 posts views Thread by david | last post: by
4 posts views Thread by bkasmai | last post: by
1 post views Thread by Jens Mander | last post: by
reply views Thread by NoaGross | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by suresh191 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.