473,385 Members | 1,468 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > python > questions > m2crypto - unable to get local issuer certificate

Join Bytes to post your question to a community of 473,385 software developers and data experts.

M2Crypto - Unable to get local issuer certificate

I am trying to set up a peer-authentication mechanism using X509 certs/SSL using M2Crypto.

I generate a root CA (issuer & subject = ca_hostC...) on the client (hostC)
I sign the client Cert locally with this CA (issuer: ca_hostC, subject: hostC) and generate a csr on hostS, copy it to hostC, sign it using the root CA, ca_hostc and move the ca_cert and the signed cert to the hostS.

I generate context:
Expand|Select|Wrap|Line Numbers
  1. import M2Crypto.SSL as SSL
  2. ctx = SSL.Context('tlsv1')
  3. ctx.load_cert('x.crt', 'private/x.key')
  4. ctx.load_verify_locations(cafile='ca.crt')
  5.  
I connect:
Expand|Select|Wrap|Line Numbers
  1. s = SSL.Connection(ctx)
  2. s.connect(server_address)
  3.  
but on the client I get
Expand|Select|Wrap|Line Numbers
  1. ERROR: 20
  2. unable to get local issuer certificate
  3.  
however when I print the subject and issuer of the cert received from the server, I see correct info. Also, the cert is verifiable from the openssl command line util.

Any thoughts??
Mar 12 '12 #1
0 1368

Sign in to post your reply or Sign up for a free account.

Similar topics

2
M2Crypto: How to check server certificate?
by: Hallvard B Furuseth | last post by:
Does anyone know how I check the server certificate with M2Crypto? Currently a program I have inherited does this: #!/local/bin/python2.2 import xmlrpclib from M2Crypto.m2xmlrpclib import...
Python
1
Errors testing m2crypto
by: morphex | last post by:
Hi, I get the following messages running the testall.py script with m2crypto 0.13, can anyone tell me what's wrong? .................................................................EEEEEE...
Python
0
Active Direcotory - Map a certificate to a user account
by: jakobsgaard | last post by:
It is possible to Map a certificate to a Active Directory User Account from DotNet? Please provide an example. Best regards, Ejnar Jakobsgaard...
.NET Framework
0
"The remote certificate is invalid according to the validation procedure"
by: jens Jensen | last post by:
Hello, I'm trying to connect to a system via https. As an additional security measure, the server requires me to attach an x509 certs to my "HTTP POST" request. I get the error...
C# / C Sharp
1
https client certificate validation
by: Yogesh Chawla - PD | last post by:
Hello All, I work for the State of Wisconsin and we are trying to build a reference implementation using python. Our goals are this: 1) establish an HTTPS connection between our client and...
Python
11
Obtaining SSL certificate info from SSL object - BUG?
by: John Nagle | last post by:
The Python SSL object offers two methods from obtaining the info from an SSL certificate, "server()" and "issuer()". The actual values in the certificate are a series of name/value pairs in ASN.1...
Python
5
certificate based web call fails under iis (urgent!)
by: oliharvey | last post by:
hallo - I am making a web request (actually a web service call) from within my web service. this works fine under the developement web server - but fails under IIS with: anyone have any...
ASP.NET
1
Verify server certificate in HTTPS transaction
by: Hamish Moffatt | last post by:
Hi, I'm fetching some files over HTTPS from Python and I want to verify the server certificate. (Not just the name etc provided in certificate.) How can I get access to this information? ...
Python
3
Re: urllib getting SSL certificate info
by: Fredrik Lundh | last post by:
Ghirai wrote: you can get some info via (undocumented?) attributes on the file handle: <httplib.SSLFile instance at 0x00CE2508> '/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA'...
Python
0
ANN: M2Crypto 0.19
by: Heikki Toivonen | last post by:
I am happy to announce the M2Crypto 0.19 release! M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA, DSA, DH, HMACs, message digests, symmetric ciphers (including AES); SSL...
Python
1
Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
General
0
isladogs
Access Europe: Command bars, the Access Shortcut Tool and a simple Audit Log - Wed 3 April
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...
General
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!