toolbelt icon indicating copy to clipboard operation
toolbelt copied to clipboard
verified publisher icon requests

Question - X509Adapter client certificate and key

Open danizen opened this issue 6 years ago • 0 comments

In X509Adapter, the certificate and private key are provided as bytes. I have a much deeper problem where I need to use with Python certificates that rely on a smart card, using package PyKCS11 to dialog with the smart card via opensc or ActivClient's PKCS11 driver.

It looks like I'll have to provide my own SSL adapter for this, but it is a bit daunting, and I wanted to understand several things before I proceed:

  • The certificate and key provided to X509Adapter or through cert=('cert.pem', 'key.pem') are only used when the server requires client authentication, correct?
  • Is there any library that does this or makes it easier for Python that I've missed?
  • Is this possible to do by overriding methods in pyopenssl?
  • Where would I best look for help and information on implementing this correctly?

danizen avatar Dec 19 '19 16:12 danizen