I need to use Python to access data from a RESTful web service that requires certificate-based client authentication (PKI) over SSL/HTTPS. What is the recommended way of doing this?
+1
A:
I found this: http://code.activestate.com/recipes/117004/ I did not try it so it may not work.
stribika
2009-07-15 23:18:22
+1
A:
The suggestion by stribika using httplib.HTTPSConnection should work for you provided that you do not need to verify the server's certificate. If you do want/need to verify the server, you'll need to look at a 3rd party module such as pyOpenSSL (which is a Python wrapper around a subset of the OpenSSL library).
mhawke
2009-07-16 03:35:50
A:
I would recommend using M2Crypto. If you are a Twisted guy, M2Crypto integrates with Twisted so you can let Twisted handle the networking stuff and M2Crypto the SSL/verification/validation stuff.
Heikki Toivonen
2009-09-17 23:16:52
A:
As mhawke said, the default Python libraries don't verify the server's certificate, which ought to be necessary if you want the connection to be secure (that's what prevents man-in-the-middle attacks).
You could use this library too: http://code.google.com/p/python-httpclient/
Bruno
2010-10-15 09:50:02