[英]Urllib3 custom SSL key encryption
In Python's urllib3 under Client Certificates there is an option for key_password
. 在Python的urllib3的“ 客户端证书”下,有一个
key_password
选项。
Currently, I have the key info in plaintext and I want to encrypt it before storing it on the disk. 当前,我具有纯文本形式的密钥信息,并且想要在将其存储在磁盘上之前对其进行加密。
Here is the implementation: 这是实现:
http = urllib3.PoolManager(
... cert_file='/path/to/your/client_cert.pem',
... cert_reqs='CERT_REQUIRED',
... key_file='/path/to/your/client.key',
... key_password='keyfile_password')
However, I have not been able to find any documentation around what kind of encryption is supported for the key. 但是,我找不到关于该密钥支持哪种加密的任何文档。
Okay. 好的。 I figured it out.
我想到了。
I used AES symmetric encryption to encrypt the key. 我使用AES对称加密来加密密钥。
Here is the command: 这是命令:
# openssl rsa -aes256 -in <key-file-in-plaintext> -out <key-file-encrypted>
> openssl rsa -aes256 -in key.pem -out key.pem.encrypted
This will ask you to enter a passphrase and it'll create an RSA key for you. 这将要求您输入密码,它将为您创建一个RSA密钥。
You can use this passphrase and pass it to the key_password
named parameter. 您可以使用此密码并将其传递给名为参数的
key_password
。
Disclaimer:
key_password
is only supported in 1.25 and above versions of urllib3免责声明:
key_password
仅在urllib3的1.25及更高版本中受支持
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.