Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #12727
| From | Gelonida N <gelonida@gmail.com> |
|---|---|
| Subject | Re: SSL module needs issuer information |
| Date | 2011-09-04 02:15 +0200 |
| References | <4e626d97$0$1665$742ec2ed@news.sonic.net> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.750.1315095349.27778.python-list@python.org> (permalink) |
Hi John, On 09/03/2011 08:10 PM, John Nagle wrote: > The SSL module still doesn't return much information from the > certificate. SSLSocket.getpeercert only returns a few basic items > about the certificate subject. You can't retrieve issuer information, > and you can't get the extensions needed to check if a cert is an EV cert. > > With the latest flaps about phony cert issuers, it's worth > having issuer info available. It was available in the old M2Crypto > module, but not in the current Python SSL module. Your phrasing 'old M2Crypto' disturbs me slightly. I am using Python 2.6. Is M2Crypto also obsolete for python 2.6? Is there any serious alternative if I want to verify the server certificate in a safe way (and if I want to send a client certificate)?? I am in search for a set of libraries, which allows me to: - verify the server certificate (ideally via a custom call back, which can inspect the certificate data and then decide whether the certificate shall be accepted or not) - send a client certificate - use https with a cookie jar (ideally even persistent, but session cookies are enough) - do XMLRPC calls (but send cookies in the headers) Would m2crypto be the right choice?
Back to comp.lang.python | Previous | Next — Previous in thread | Find similar | Unroll thread
SSL module needs issuer information John Nagle <nagle@animats.com> - 2011-09-03 11:10 -0700 Re: SSL module needs issuer information Terry Reedy <tjreedy@udel.edu> - 2011-09-03 15:23 -0400 Re: SSL module needs issuer information Gelonida N <gelonida@gmail.com> - 2011-09-04 02:15 +0200
csiph-web