Am 15.12.2011 21:09, schrieb Yang Chun-Kai: > Thanks for tips. > > But I dont understand one thing is if Python's SSL lib doesn't support > encrypted private keys for sockets. > > Then why should we "encrypt" the private key with "openssl rsa -in > /etc/home/ckyang/PHA/testsslsocket/mypha.key -out > > /etc/home/ckyang/PHA/testsslsocket/mypha-nopasswd.key" again? > > Shouldn't that be decrypted? > > And also this solution is not the right one , I use mypha-nopasswd.key > replace the original one, still not work.
IIRC the command should decrypt the key. Did it prompt for a password? The error could be caused by other issues. For example the key and cert must be in PEM Format. The PKS#12 isn't supported. I'm not sure if Python's builtin SSL module loads DER certs. You may also missing a valid CA cert chain. Python 2.x's SSL module doesn't support cert directories so you have to provide a chain file. The certs in the chain file must be in the right order, too. Christian -- http://mail.python.org/mailman/listinfo/python-list