tags:

views:

87

answers:

1

Is there a way to turn off SSL checking so that WrongHost Exceptions are not generated when using SOAPpy in python.

+1  A: 

You can disable all peer certificate checks in M2Crypto like that:

from M2Crypto import SSL, httpslib

context = SSL.Context("sslv3")

# Disable certificate checking
context.set_verify(0, depth = 0)

connection = httpslib.HTTPSConnection("somehostname", 443, ssl_context=context)

# Hack (!!!) for disabling host name check <CN> == <expected host name>.
# Will affect any future SSL connections made by M2Crypto!
SSL.Connection.postConnectionCheck = None

connection.connect() # <-- this would normally raise SSL verification errors
connection.request("GET", "/")

...

I hope you're aware that this will essentially disable security for any SSL connection created with M2Crypto. So this isn't recommendable at all, except if you're only communicating with one server and think that the man-in-the-middle risk is more acceptable than having unencrypted HTTP.

So far for the M2Crypto solution, but as your question (as opposed to your title) asks for SOAPpy (which I haven't used yet), the solution might be different because the SOAPpy config seems to use the socket module instead of M2Crypto.SSL (see line 132). I don't know how to prevent the socket.ssl module to check host names.

AndiDog