[Twisted-Python] HTTPS and subjectAltName
Roland Hedberg
roland.hedberg at adm.umu.se
Thu Apr 10 11:37:33 MDT 2008
Hi!
I'm building a Twisted based system where the basic components are
nodes. Information flows between these nodes and one of the transport
protocols that can be used are HTTP/HTTPS.
Now, both servers and clients has certificates and hostname verification
is a must. Because of that I'd love to be able to access the
subjectAltName extension.
I started with pyOpenSSL and I was very happy with that until I realized
that there is no support for the subjectAltName (SAN) extension in
pyOpenSSL.
Over to M2Crypto, which has support for SAN, but now I can not get
anything to work. I guess there is some mismatch between the interfaces
to the Context class provided by M2Crypto and pyOpenSSL. Because I just
imported SSL from M2Crypto instead of OpenSSL and left the rest of the
code more or less intact.
The error I get is:
File
"/Library/Frameworks/Python.framework/Versions/2.4/lib/python2.4/site-packages/twisted/internet/ssl.py",
line 169, in createInternetSocket
return SSL.Connection(self.ctxFactory.getContext(), sock)
TypeError: Connection() argument 1 must be Context, not instance
So, if it possible to use M2Crypto together with Twisted ?
If so, can someone tell me what I might have missed ?
-- Roland
More information about the Twisted-Python
mailing list