Twisted: passing the client certificate into the SSL handler

I am building an SSL server with Twisted that requires client certificate authentication. The check of the client SSL certificate succeeds (it returns True), but I also want to pass the commonName and emailAddress from the client certificate to the handler class, so that I can look up the settings for that particular client there. Can you help me?

from OpenSSL import SSL
from twisted.internet import ssl, reactor
from twisted.internet.protocol import Factory, Protocol
from twisted.web import server, resource, static, twcgi

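class Handler(Protocol):
    """Echo protocol that also records the identity in the client certificate.

    The subject fields are read from the peer certificate the first time data
    arrives, because the TLS handshake may not have finished when
    ``connectionMade`` runs and the certificate may not be available yet.

    The values are only meaningful as an identity because the listening
    context requires and verifies a client certificate
    (``VERIFY_PEER | VERIFY_FAIL_IF_NO_PEER_CERT`` against ``ca.crt``); on a
    context without peer verification they would be unauthenticated input.
    """

    # Per-connection identity taken from the verified client certificate.
    # Kept on the protocol instance (one per connection), never in a module
    # global, so concurrent clients cannot see each other's identity.
    peer_common_name = None
    peer_email = None
    _peer_identity_loaded = False

    def connectionMade(self):
        """Greet the client as soon as the connection is established."""
        # Bytes literal: identical on Python 2, and required by transports on
        # Python 3, where writing a text string raises TypeError.
        self.transport.write(b'hello world')

    def dataReceived(self, data):
        """Record the peer identity on first use, then echo *data* back."""
        if not self._peer_identity_loaded:
            self._load_peer_identity()
        self.transport.write(data)

    def _load_peer_identity(self):
        """Copy commonName and emailAddress from the peer certificate subject."""
        # getattr keeps the protocol usable on a transport without TLS support.
        get_certificate = getattr(self.transport, 'getPeerCertificate', None)
        certificate = get_certificate() if get_certificate is not None else None
        if certificate is None:
            # Not available yet; try again on the next chunk of data.
            return
        subject = certificate.get_subject()
        # Either field is None when the certificate subject does not carry it.
        self.peer_common_name = subject.commonName
        self.peer_email = subject.emailAddress
        self._peer_identity_loaded = True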

def verifyCallback(connection, x509, errnum, errdepth, ok):
    """Accept a certificate exactly when the ``ok`` argument is truthy.

    The function is registered with ``ctx.set_verify`` as the verification
    callback. It adds no policy of its own: it only turns ``ok`` into a
    strict boolean, so a falsy ``ok`` rejects and a truthy ``ok`` accepts.

    NOTE(review): ``ok`` is presumably OpenSSL's own verification result for
    the certificate in ``x509`` -- confirm against the pyOpenSSL docs. If so,
    returning True regardless of ``ok`` would switch verification off.

    No module-level state is read or written here. Identity taken from
    ``x509`` belongs on the per-connection protocol object, not in a global
    shared by every connection.
    """
    return bool(ok)

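if __name__ == '__main__':

    # Set up the SSL JSON server with mandatory client-certificate
    # authentication.
    factory = Factory()
    factory.protocol = Handler

    # SSLv23_METHOD negotiates the highest protocol version both sides
    # support. The original TLSv1_METHOD pinned every connection to TLS 1.0,
    # which is deprecated and prevents newer versions from being used.
    myContextFactory = ssl.DefaultOpenSSLContextFactory(
        'server.key', 'server.crt', SSL.SSLv23_METHOD)
    ctx = myContextFactory.getContext()

    # With a negotiating method the legacy SSL versions must be refused
    # explicitly.
    ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)

    # Only client certificates that chain to ca.crt are accepted, and a
    # client that presents no certificate fails the handshake.
    ctx.load_verify_locations("ca.crt")
    ctx.set_verify(
        SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT, verifyCallback)

    reactor.listenSSL(8080, factory, myContextFactory)
    reactor.run()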

      



1 answer


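Call `transport.getPeerCertificate()` in `Protocol.dataReceived` or another method of the protocol, but only after you have received some data: the TLS handshake has not necessarily completed when `connectionMade` runs, so the certificate may not be available yet. The call returns the peer's certificate object, and the commonName and emailAddress can be read from its subject.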









