[Twisted-Python] SSL client certificate verification...

Itamar Shtull-Trauring itamar at itamarst.org
Wed Oct 8 13:49:42 MDT 2003


On Wed, 08 Oct 2003 14:58:10 -0400 (EDT)
Miguel Marques <miguel at yorku.ca> wrote:

> I'm having a bit of difficulty figuring out how to get the CN.  I'm
> trying to get it from the twisted.web.server.Request passed to the
> render method of xmlrpc.XMLRPC.  I suspect somewhere in there is the
> OpenSSL Connection object I can call get_peer_certificate() on.
> But I'm not sure where...
> Any pointers in the right direction would be greatly appreciated.
> TIA...

request.channel.transport.getPeerCertificate() I think, except this
won't work for pipelining clients at the moment. Arguably auth should be
done when the client connects - you can do this with custom
ContextFactory that creates Contexts that do verification callback.

-- 
Itamar Shtull-Trauring    http://itamarst.org/
Available for Python & Twisted consulting




More information about the Twisted-Python mailing list