Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!weretis.net!feeder1.news.weretis.net!feeder.erje.net!newsfeed.xs4all.nl!newsfeed5.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail
Return-Path: <python-python-list@m.gmane.org>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.000
X-Spam-Evidence: '*H*': 1.00; '*S*': 0.00; '-in': 0.05; 'subject:test': 0.05; 'skip:/ 40': 0.07; 'received:80.91': 0.09; 'received:80.91.229': 0.09; 'received:80.91.229.12': 0.09; 'received:gmane.org': 0.09; 'received:list': 0.09; 'received:lo.gmane.org': 0.09; 'subject:problems': 0.09; 'error:': 0.10; '[errno': 0.16; '__init__': 0.16; 'openssl': 0.16; 'skip:/ 50': 0.16; 'subject:server': 0.16; 'key.': 0.18; "doesn't": 0.22; 'header:In-Reply-To:1': 0.22; "python's": 0.24; 'error': 0.29; 'server': 0.30; 'header:User-Agent:1': 0.33; 'header:X-Complaints- To:1': 0.33; 'to:addr:python-list': 0.34; '17,': 0.34; 'keys': 0.34; 'ssl': 0.34; 'skip:" 20': 0.35; 'file': 0.36; 'received:org': 0.38; 'received:de': 0.39; 'to:addr:python.org': 0.40; 'encrypted': 0.67; 'subject:program': 0.67; 'skip:c 50': 0.77
X-Injected-Via-Gmane: http://gmane.org/
To: python-list@python.org
From: Christian Heimes <lists@cheimes.de>
Subject: Re: Localhost client-server simple ssl socket test program problems
Date: Thu, 15 Dec 2011 20:45:43 +0100
References: <BAY156-W17B3C78816FA7A676A7A93B3A30@phx.gbl>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Gmane-NNTP-Posting-Host: f049033058.adsl.alicedsl.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:8.0) Gecko/20111124 Thunderbird/8.0
In-Reply-To: <BAY156-W17B3C78816FA7A676A7A93B3A30@phx.gbl>
X-Enigmail-Version: 1.4a1pre
OpenPGP: id=AD16AB1B; url=http://cheimes.de/heimes.asc
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.3696.1323978366.27778.python-list@python.org>
Lines: 25
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1323978366 news.xs4all.nl 6950 [2001:888:2000:d::a6]:52918
X-Complaints-To: abuse@xs4all.nl
Xref: x330-a1.tempe.blueboxinc.net comp.lang.python:17311

Am 15.12.2011 20:09, schrieb Yang Chun-Kai:
> Server side error:
> 
> File "views.py", line 17, in <module>
> connstream = ssl.wrap_socket(newsocket, server_side=True,
> certfile="/etc/home/ckyang/PHA/testsslsocket/mypha.crt",
> keyfile="/etc/home/ckyang/PHA/testsslsocket/mypha.key",
> ssl_version=ssl.PROTOCOL_SSLv23)
>   File "/usr/lib/python2.7/ssl.py", line 344, in wrap_socket
>     ciphers=ciphers)
>   File "/usr/lib/python2.7/ssl.py", line 119, in __init__
>     ciphers)
> ssl.SSLError: [Errno 336265218] _ssl..c:347: error:140B0002:SSL
> routines:SSL_CTX_use_PrivateKey_file:system lib

This error is most likely caused by an encrypted private key. Python's
SSL lib doesn't support encrypted private keys for sockets. You can
encrypt the private key with

   openssl rsa -in /etc/home/ckyang/PHA/testsslsocket/mypha.key -out
/etc/home/ckyang/PHA/testsslsocket/mypha-nopasswd.key

Christian