I have used below link to generate server certificates, client certificates and CA certificates, imported client and CA certificates to Mozilla Firefox browser and then deploy server certificates and CA certificate to the Rocket server :
D:\web2py2.1.1\web2py>web2py.py -a password -i 127.0.0.1 -p 8000 -c C:\OpenSSL-Win32\bin\cirrusAwareCA\server\certificates\server.test.com.crt -k C:\OpenSSL-Win32\bin\cirrusAwareCA\server\keys\server.test.com.key --ca-cert=C:\OpenSSL-Win32\bin\cirrusAwareCA\CA\cirrusAwareCA.crt Then Open browser type https://127.0.0.1:8000/MyApp/default/index Now its giving error: <type 'exceptions.TypeError'> reduce() of empty sequence with no initial value Error snapshot [image: help] <type 'exceptions.TypeError'>(reduce() of empty sequence with no initial value) inspect attributes Frames - *File D:\web2py2.1.1\web2py\gluon\restricted.py in restricted at line 209 * code arguments variables - *File D:\web2py2.1.1\web2py\applications\AuthenticationApp\controllers\default.py in <module> at line 76* code arguments variables - *File D:\web2py2.1.1\web2py\gluon\globals.py in <lambda> at line 187* code arguments variables - *File D:\web2py2.1.1\web2py\applications\AuthenticationApp\controllers\default.py in user at line 38* code arguments variables Code listing 33. 34. 35. 36. 37. 38. 39. 40. 41. 42. use @auth.requires_login() @auth.requires_membership('group name') @auth.requires_permission('read','table name',record_id) to decorate functions that need access control """ return dict(form=auth()) def download(): """ - *File D:\web2py2.1.1\web2py\gluon\tools.py in __call__ at line 1205* code arguments variables - *File D:\web2py2.1.1\web2py\gluon\tools.py in login at line 2016* code arguments variables - *File D:\web2py2.1.1\web2py\gluon\contrib\login_methods\x509_auth.py in get_user at line 91* code arguments variables Function argument list (self=<gluon.contrib.login_methods.x509_auth.X509Auth object>) Code listing 86. 87. 88. 89. 90. 91. 92. 93. 94. 95. p = profile = dict() username = p['username'] = reduce(lambda a,b: '%s | %s' % (a,b), self.subject.CN or self.subject.commonName) p['first_name'] = reduce(lambda a,b: '%s | %s' % (a,b),self.subject.givenName or username) p['last_name'] = reduce(lambda a,b: '%s | %s' % (a,b),self.subject.surname) p['email'] = reduce(lambda a,b: '%s | %s' % (a,b),self.subject.Email or self.subject.emailAddress) # IMPORTANT WE USE THE CERT SERIAL AS UNIQUE KEY FOR THE USER p['registration_id'] = self.serial Variables a undefined b undefined builtinreduce <built-in function reduce> self.subject.surname [] self <gluon.contrib.login_methods.x509_auth.X509Auth object> self.subject <Storage {'Email': [], 'C': ['IN'], 'serialNumbe...SG'], 'organizationUnitName': ['HSG'], 'SN': []}> p {'first_name': 'A | m | i | t', 'username': 'Amit'} Regards, Amit On Tue, Nov 6, 2012 at 6:42 PM, Michele Comitini <[email protected] > wrote: > https://github.com/web2py/web2py/blob/master/gluon/main.py#L824 > > The log seems to say that your certificate file is not there, or not > accessible > > mic > > > 2012/11/6 Amit <[email protected]> > >> I am using Python 2.7.2. >> >> On Tue, Nov 6, 2012 at 6:33 PM, Michele Comitini < >> [email protected]> wrote: >> >>> What is your python version? >>> >>> >>> 2012/11/6 Amit <[email protected]> >>> >>>> Hi Michele, >>>> I used Simpatica to generates the certificates but failed to deploy to >>>> the web2py server, please check once the first mail in this mail chain >>>> where I explained the problem in details. >>>> >>>> Regards, >>>> Amit >>>> >>>> On Tue, Nov 6, 2012 at 4:52 PM, Michele Comitini < >>>> [email protected]> wrote: >>>> >>>>> I suggest looking at code gluon/contrib/login_methods/x509_auth.py. >>>>> Basically you can extract anything from client supplied cert and use it >>>>> with the auth tables of web2py. That is really simple. >>>>> The tedious part id getting to know what stuff you can put in the >>>>> cert. That is more related to managing a CA than to web2py itself. >>>>> >>>>> I have written a simple but functional app for managing a little CA: >>>>> simpatiCA <http://goo.gl/nrAhS> ; it is simple enough to be used as >>>>> an example and extended to your needs. If you need a real CA there are >>>>> more featured solutions around... >>>>> >>>>> mic >>>>> >>>>> >>>>> > PS: the man behind X509 auth code in web2py is mcm, sadly for your >>>>> it's documented how it works but not how to organize the certs (which in > >>>>> theory you should know in advance) >>>>> >>>>> -- >>>>> >>>>> >>>>> 2012/11/6 Niphlod <[email protected]> >>>>> >>>>>> hem... one thing is helping you to create certs and key for a SSL >>>>>> protected webserver, quite another to help you managing a credential >>>>>> store >>>>>> (I really don't have time for that). >>>>>> You have problems on finding out what OpenSSL is and want to manage >>>>>> X509 ? Really ? >>>>>> Maybe it's time to read some docs. >>>>>> >>>>>> http://www.cafesoft.com/products/cams/ps/docs30/admin/ConfiguringApache2ForSSLTLSMutualAuthentication.html >>>>>> >>>>>> >>>>>> PS: the man behind X509 auth code in web2py is mcm, sadly for your >>>>>> it's documented how it works but not how to organize the certs (which in >>>>>> theory you should know in advance) >>>>>> >>>>>> -- >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> -- >>>>> >>>>> >>>>> >>>>> >>>> >>>> -- >>>> >>>> >>>> >>>> >>> >>> -- >>> >>> >>> >>> >> >> -- >> >> >> >> > > -- > > > > --
