[Twisted-Python] SSL Client Certificate support

Glyph Lefkowitz glyph at twistedmatrix.com
Thu Jan 1 01:23:03 EST 2004

On Dec 31, 2003, at 12:39 PM, Martin Waite wrote:

> Many thanks - this all works beautifully.

Easier might be

from twisted.internet.ssl import DefaultOpenSSLContextFactory
ctxfac = DefaultOpenSSLContextFactory(privkey, certfile)
ctxfac.isClient = True

I would like to discourage the use of context factories outside the 
default one unless absolutely necessary - the current notion of 
"context factory" is an ugly hack that requires direct access to the 
PyOpenSSL libraries.  This will be harmful for future compatibility to, 
say, an upcoming Jython release with Java SSL support rather than 

Changing something with "OpenSSL" in its name to be a Java SSL factory 
will certainly be an ugly workaround, but _less_ ugly than trying to 
fake out the actual PyOpenSSL API by stuffing sys.modules.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://twistedmatrix.com/pipermail/twisted-python/attachments/20040101/2283a144/attachment.pgp 

More information about the Twisted-Python mailing list