[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xmlblaster-devel] OT: ssl on socket protocol



I'm making good progress with the pure python socket protocol module.

But, I'm having some trouble with SSL support.

Python allows for two modes of SSL communication on a socket.

1. where both a keyfile and a certificate has been specified

2. where neither a keyfile nor a certificate has been specified.


For option 1, I'm trying to figure out which keyfile and certificate it wants. I guess 
Python wants any private key file to encrypt outgoing data. So, I'd have to load the 
public rsa key from that keyfile into the java keystore using keytool -import

And for the certificate, I guess it wants the public certificate from xmlblasters 
keystore, which I got in PEM format using keytool -export.

However when I try this, python complains about the exported xmlblaster 
certificate:

socket.sslerror: SSL_CTX_use_certificate_chain_file error

When I try option 2, that is, enable ssl but don't specify a key file or a certificate, 
xmlblaster closes the connection without generating any diagnostics.

I guess it's not possible to get xmlblaster to accept an ssl connection without a 
keyfile?

I'm pretty confused about how this should work. All I know is, python wants both a 
keyfile and a certificate in PEM format.

Anybody get Java and Python SSL to talk to each other?

Thanks





-- 
Brad Clements,                bkc at murkworks.com    (315)268-1000
http://www.murkworks.com                          
AOL-IM or SKYPE: BKClements