使用ssl和套接字的python客户端身份验证
我有一个python服务器,它需要一个客户机使用证书进行身份验证,如何制作一个使用客户机证书的客户机脚本,以便服务器使用ssl和套接字模块在python中进行身份验证 是否有只使用套接字和ssl而不使用out twisted的示例使用ssl和套接字的python客户端身份验证,python,sockets,ssl,openssl,Python,Sockets,Ssl,Openssl,我有一个python服务器,它需要一个客户机使用证书进行身份验证,如何制作一个使用客户机证书的客户机脚本,以便服务器使用ssl和套接字模块在python中进行身份验证 是否有只使用套接字和ssl而不使用out twisted的示例 from OpenSSL import SSL from twisted.internet import ssl, reactor from twisted.internet.protocol import ClientFactory, Protocol class
from OpenSSL import SSL
from twisted.internet import ssl, reactor
from twisted.internet.protocol import ClientFactory, Protocol
class EchoClient(Protocol):
def connectionMade(self):
"print connected"
def dataReceived(self, data):
print "Server said:", data
self.transport.loseConnection()
class EchoClientFactory(ClientFactory):
protocol = EchoClient
def clientConnectionFailed(self, connector, reason):
print "Connection failed - goodbye!"
reactor.stop()
def clientConnectionLost(self, connector, reason):
print "Connection lost - goodbye!"
reactor.stop()
class CtxFactory(ssl.ClientContextFactory):
def getContext(self):
self.method = SSL.TLSv1_METHOD
ctx = ssl.ClientContextFactory.getContext(self)
ctx.use_certificate_file('client.crt')
ctx.use_privatekey_file('client.key')
return ctx
if __name__ == '__main__':
factory = EchoClientFactory()
reactor.connectSSL('localhost', 8080, factory, CtxFactory())
reactor.run()
谢谢,我已经解决了:)
import socket, ssl, pprint
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# require a certificate from the server
ssl_sock = ssl.wrap_socket(s,
keyfile="client.key",
certfile="client.crt",
ca_certs="ca.crt",
cert_reqs=ssl.CERT_REQUIRED)
ssl_sock.connect(('127.0.0.1', 8080))
print repr(ssl_sock.getpeername())
print ssl_sock.cipher()
print pprint.pformat(ssl_sock.getpeercert())
ssl_sock.write("testing")
data = ssl_sock.read()
print data
ssl_sock.close()