I need to use Python to access data from a RESTful web service that requires certificate-based client authentication (PKI) over SSL/HTTPS. What is the recommended way of doing this?
I found this: http://code.activestate.com/recipes/117004/ I did not try it so it may not work.
The suggestion by stribika using httplib.HTTPSConnection
should work for you provided that you do not need to verify the server's certificate. If you do want/need to verify the server, you'll need to look at a 3rd party module such as pyOpenSSL (which is a Python wrapper around a subset of the OpenSSL library).
I would recommend using M2Crypto. If you are a Twisted guy, M2Crypto integrates with Twisted so you can let Twisted handle the networking stuff and M2Crypto the SSL/verification/validation stuff.
As mhawke said, the default Python libraries don't verify the server's certificate, which ought to be necessary if you want the connection to be secure (that's what prevents man-in-the-middle attacks).
You could use this library too: http://code.google.com/p/python-httpclient/