堆栈内存溢出
  简体   繁体   English

Python / Twisted程序在Windows下验证SSL证书的正确方法是什么?

[英]What's the right way for a Python/Twisted program to validate an SSL certificate under Windows?

 原文  2010-11-10 13:49:17       python/ windows/ ssl/ twisted

问题描述

Is there a way for a Python/Twisted program to cleanly make use of the list of root certificates that Internet Explorer uses to validate an SSL connection to an HTTPS server? 有没有办法让Python / Twisted程序干净地利用Internet Explorer用于验证与HTTPS服务器的SSL连接的根证书列表? The answers provided to Validate SSL certificates with Python are very helpful but the example code gets the root certificates by reading the Unix specific directory /etc/ssl/certs/*.pem and it's not clear to me what the Windows equivalent of this would be. 提供给使用Python验证SSL证书的答案非常有用,但示例代码通过读取Unix特定目录/etc/ssl/certs/*.pem来获取根证书,并且我不清楚Windows的等效内容是什么。

1 个解决方案

解决方案1
 3 已采纳  2010-11-10 17:53:11

The Windows equivalent is "copy /etc/ssl/certs/*.pem from your Linux machine". Windows等效项是“从Linux机器上复制/etc/ssl/certs/*.pem”。 Mac and Windows have different native APIs for getting at their respective certificate stores, which Twisted doesn't directly support. Mac和Windows具有不同的本机API,用于获取各自的证书存储,Twisted不直接支持。 They don't use OpenSSL certificates natively, and they certainly don't put things in as straightforward a layout as 'directory of PEM files'. 它们本身不使用OpenSSL证书,并且它们当然不会像“PEM文件目录”那样直接布局。 If you can export your trust roots as PEMs, you could then ask Twisted (well, really, OpenSSL via PyOpenSSL ) to verify it that way. 如果您可以将您的信任根导出为PEM,那么您可以通过PyOpenSSL方式询问Twisted(嗯,实际上, OpenSSL )以此方式进行验证。

I am abstractly interested in doing this in a super-portable way, but I've never actually tried it. 我对这种超级便携的方式感兴趣,但我从未尝试过。 Here are some links to get you started: SecureTransport reference , Microsoft Cryptography Functions . 以下是一些入门链接: SecureTransport参考Microsoft Cryptography Functions

In the SecureTransport reference, the documentation points out that SSLGetTrustedRoots is deprecated but doesn't mention the alternative SSLCopyTrustedRoots which isn't. 在SecureTransport参考,文档指出SSLGetTrustedRoots已被弃用,但没有提及替代SSLCopyTrustedRoots这是不。 That's probably the API you want to start with on a Mac (via PyObjC). 这可能是你想在Mac上开始的API(通过PyObjC)。 On Windows, I'm really not sure, except somewhere in that pile of functions there's probably one that does what you would like, and maybe you can call it with ctypes :). 在Windows上,我真的不确定,除了那堆函数中的某个地方可能有一个你想要的东西,也许你可以用ctypes调用它:)。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Python Twisted SSL的证书生成 - Certificate Generation for Python Twisted SSL 如何在python中验证服务器的SSL证书? - How to validate server's ssl certificate in python? 如何验证双绞线SSL客户端中的SSL服务器证书 - How to validate the SSL server certificate in twisted SSL client Python Twisted:SSL例程,ssl3_get_server_certificate错误 - Python Twisted : SSL routines , ssl3_get_server_certificate errors 用python扭曲做旋转日志的正确方法是什么? - What's the correct way to do a rotating log with python twisted? 扭曲在窗户下 - Twisted under windows 在 python 中验证 StoreKit 2 事务 jwsRepresentation 的正确方法是什么? - What is the right way to validate a StoreKit 2 transaction jwsRepresentation in python? 在 python 2.7 下的 Windows 10 64 位上安装 twisted - Installing twisted on Windows 10 64 bit under python 2.7 在python中循环该程序的最佳方法是什么? - What's the best way to loop this program in python? 在Windows 7 64位上验证Python中的SSL证书 - Verify SSL Certificate in Python on Windows 7 64 bit
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM