[python-tulip] SSL HandShake / Dynamic Certificates
One can start a SSL server with a static certificate like this: ctx = create_default_context(Purpose.CLIENT_AUTH) ctx.load_cert_chain('pem.crt') async(start_server(handle, host, port, family=AF_INET, limit=8192, ssl=ctx)) However, if you need to use dynamic certificates, you must have access to SSL Handshake in async means. But this is not currently supported by asyncio. I also remember that, about 3 months ago we had some discussion about creating a plain Stream and at some point of communication switching to SSL, which again need Async SSL HandShake. Are there any developments about supporting this capability. Regards, Imran
Re: [python-tulip] SSL HandShake / Dynamic Certificates
Hi, 2014-07-30 12:30 GMT+02:00 Imran Geriskovan imran.gerisko...@gmail.com: However, if you need to use dynamic certificates, you must have access to SSL Handshake in async means. But this is not currently supported by asyncio. What is a dynamic certificate? If you want to load a certificate from memory, you should take a look at: http://bugs.python.org/issue21965 Victor
Re: [python-tulip] SSL HandShake / Dynamic Certificates
What is a dynamic certificate? Victor Certificates are not Dynamic after all. It is providing different certificates to different accepted clients by SSL server. Pre-Asyncio era code is here: ctx = create_default_context(Purpose.CLIENT_AUTH) ctx.load_cert_chain(pem1.crt') # or pem99.crt s = ctx.wrap_socket(s, server_side = True, do_handshake_on_connect = False) ... s.do_handshake() Anyway.. The request is to ssl wrap a stream (sort of. Switch to ssl mode after creation) and have seperate access to handshake on asyncio. Regards,