[Twisted-Python] strports.service, ssl and forcing client certs

Phil Mayers p.mayers at imperial.ac.uk
Thu Aug 31 04:32:03 EDT 2006

Jean-Paul Calderone wrote:
> No: use strports when you want to present strings of this form as a
> user-interface element, not otherwise.

Ok, but interesting. Why not otherwise? Do they have something bad about 

> To programatically configure an SSL server which requires a client 
> certificate
> use something like this:
>    from twisted.internet import ssl, reactor
>    reactor.listenSSL(4443, f, ssl.CertificateOptions())

This is in a .tac file but I get the idea.

> Unlike the older ContextFactory classes, CertificateOptions has somewhat
> more modern requirements not dictated by HTTP.  Specifically, the method
> is TLSv1 and certificates are required.

 >>> import twisted
 >>> import twisted.internet.ssl
 >>> ssl.CertificateOptions()
Traceback (most recent call last):
   File "<stdin>", line 1, in ?
NameError: name 'ssl' is not defined
 >>> twisted.__version__

When was that added?

The only reason I was using strports was that the ContextFactory thing 
was a royal pain to do even the most basic SSL setup (like e.g. a server 
cert and key...). I'd be glad to ditch it.

More information about the Twisted-Python mailing list