[Twisted-Python] HTTPS and subjectAltName

Roland Hedberg roland.hedberg at adm.umu.se
Thu Apr 10 13:37:33 EDT 2008


I'm building a Twisted based system where the basic components are 
nodes. Information flows between these nodes and one of the transport 
protocols that can be used are HTTP/HTTPS.

Now, both servers and clients has certificates and hostname verification 
is a must. Because of that I'd love to be able to access the 
subjectAltName extension.

I started with pyOpenSSL and I was very happy with that until I realized 
that there is no support for the subjectAltName (SAN) extension in 

Over to M2Crypto, which has support for SAN, but now I can not get 
anything to work. I guess there is some mismatch between the interfaces 
to the Context class provided by M2Crypto and pyOpenSSL. Because I just 
imported SSL from M2Crypto instead of OpenSSL and left the rest of the 
code more or less intact.

The error I get is:

line 169, in createInternetSocket
  return SSL.Connection(self.ctxFactory.getContext(), sock)
  TypeError: Connection() argument 1 must be Context, not instance

So, if it possible to use M2Crypto together with Twisted ?
If so, can someone tell me what I might have missed ?

-- Roland

More information about the Twisted-Python mailing list