我设置了一个拒绝没有有效 .p12 证书的连接的 Web 服务器。我需要使用 Python 脚本访问在服务器上运行的 REST API,但我找不到任何有关如何执行此操作的信息。如果有人有关于如何在 Python 中使用 .p12 证书执行 SSL 握手的好教程,请告诉我。
问问题
9937 次
1 回答
2
The same methods described in the answers to this question, which asks about verifying a server certificate during the HTTPS connection (this is not done at all by default by urllib or httplib) should allow you to specify a client-certificate in addition to the CA certificate lists.
- If you choose the option based on
ssl.wrap_socket, pass acerfile/keyfileparameter as described in the documentation. - Using PycURL, you should be able to call
setopt(pycurl.SSLCERT, "/path/to/cert.pem")andsetopt(pycurl.SSLKEY, "/path/to/key.pem"). The option names are based on the SSL and SECURITY OPTIONS section of the cURL documentation (there's an option for the password too).
It's likely that you will have to convert your PKCS#12 (.p12) file into PEM format. To do so:
# Extract the certificate:
openssl pkcs12 -in filename.p12 -nokeys -out certificate.pem
# Extract the private key:
openssl pkcs12 -in filename.p12 -nocerts -out privkey.pem
于 2012-05-08T23:55:27.673 回答