python-zeep

python-zeep copied to clipboard

I've had a use case where i need to specify a different certificate for validating responses to requests that were signed with Zeep's BinarySignature (from zeep.wsse.signature import BinarySignature)

Related issue skips verification entirely: #996

Usage example:

wsse_sig = BinarySignature("my_private.key", "my_public.cer", verify_cert_file="their_public.cer")
client = Client(url_to_wsdl, wsse=wsse_sig)

I am sorry, i just stumbled across another PR which addresses the same issue: #1118

However, that PR adds the option to disable verification entirely which i am not sure is a good idea? You can always do:

try:
    client.service.SomeService(**payload)
except SignatureVerificationFailed:
    pass