Thanks for tips. But I dont understand one thing is if Python's SSL lib doesn't support encrypted private keys for sockets. Then why should we "encrypt" the private key with "openssl rsa -in /etc/home/ckyang/PHA/testsslsocket/mypha.key -out /etc/home/ckyang/PHA/testsslsocket/mypha-nopasswd.key" again? Shouldn't that be decrypted? And also this solution is not the right one, I use mypha-nopasswd.key replace the original one, still not work. So sad. But thanks. ^ ^ Kay
> To: python-list@python.org > From: li...@cheimes.de > Subject: Re: Localhost client-server simple ssl socket test program problems > Date: Thu, 15 Dec 2011 20:45:43 +0100 > > Am 15.12.2011 20:09, schrieb Yang Chun-Kai: > > Server side error: > > > > File "views.py", line 17, in <module> > > connstream = ssl.wrap_socket(newsocket, server_side=True, > > certfile="/etc/home/ckyang/PHA/testsslsocket/mypha.crt", > > keyfile="/etc/home/ckyang/PHA/testsslsocket/mypha.key", > > ssl_version=ssl.PROTOCOL_SSLv23) > > File "/usr/lib/python2.7/ssl.py", line 344, in wrap_socket > > ciphers=ciphers) > > File "/usr/lib/python2.7/ssl.py", line 119, in __init__ > > ciphers) > > ssl.SSLError: [Errno 336265218] _ssl..c:347: error:140B0002:SSL > > routines:SSL_CTX_use_PrivateKey_file:system lib > > This error is most likely caused by an encrypted private key. Python's > SSL lib doesn't support encrypted private keys for sockets. You can > encrypt the private key with > > openssl rsa -in /etc/home/ckyang/PHA/testsslsocket/mypha.key -out > /etc/home/ckyang/PHA/testsslsocket/mypha-nopasswd.key > > Christian > > > -- > http://mail.python.org/mailman/listinfo/python-list
-- http://mail.python.org/mailman/listinfo/python-list