[Twisted-Python] Implementing STARTTLS in a protocol

Jean-Paul Calderone exarkun at divmod.com
Sat May 24 09:57:34 MDT 2008

On Fri, 23 May 2008 17:31:39 -0500, Kevin Horn <kevin.horn at gmail.com> wrote:
>On Fri, May 23, 2008 at 3:32 PM, Jean-Paul Calderone <exarkun at divmod.com>
> [snop]
>Well that's ... frustrating.  I was hoping I had just overlooked something
>obvious (and easy to fix!)
>Can you tell me more about the environment you are running under?
>So far I've tried:
>WinXP,  Python 2.5, Twisted 8.0.1, pyOpenSSL 0.7, OpenSSL 0.9.8g
>Linux(CentOS), Python 2.4, Twisted 8.1.0, pyOpenSSL 0.7, OpenSSL 0.9.7a

I tried with Ubuntu 7.10, Python 2.5.1, Twisted trunk at HEAD, OpenSSL
0.9.8e-5ubuntu3, pyOpenSSL 0.6-2.3ubuntu1.  I also tried with the
Twisted 2.5 release branch.  I don't have pyOpenSSL 0.7 handy at the
moment.  Maybe you could give 0.6 a try?  I can't think of any changes
between those versions that might be causing this, but one never knows.


>Perhaps there is something wrong with my certificates?  I would expect that
>this would cause errors on the server end, though...

Seems like the cert is probably fine, yea.  I'm attaching the one I tested
with so you can give it a try, though.

>Is there any way to get more information about the handshake failure?

ssldump might tell you something, but you'll have to dig a bit and do some
interpretation.  And it might just end up telling you that the handshake
is failing.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: server.pem
Type: application/octet-stream
Size: 1851 bytes
Desc: not available
URL: </pipermail/twisted-python/attachments/20080524/ba7c07f9/attachment-0002.obj>

More information about the Twisted-Python mailing list