M2Crypto from an X509 object

Time: 2017-03-02 10:12:35

Tags: python x509 private-key

I don't know how to load an X509 private key into an M2Crypto.SSL.Context.

Should I use the M2Crypto.X509.X509_Store.add_X509 function?

Thanks

1 answer:

Answer 0: (score: 0)

The Context's certificate and private key are set by the Context.load_cert() or Context.load_cert_chain() methods, for example:

from M2Crypto import SSL
ctx = SSL.Context()
ctx.load_cert('/path/to/certificate.pem', '/path/to/privkey.pem')

Edit: To use the X509 object and private key directly, you need to use the low-level M2Crypto.m2 API.

Example:

from M2Crypto import SSL, X509, EVP, RSA, m2
ctx = SSL.Context()
x509 = X509.load_cert('/path/to/cert.pem')

evp = EVP.PKey()
rsa = RSA.load_key('/path/to/privkey.pem')
evp.assign_rsa(rsa)

# or instantiate evp key differently, e.g. directly from file:
# evp = EVP.load_key('/path/to/privatekey.pem')

m2.ssl_ctx_use_x509(ctx.ctx, x509.x509)
m2.ssl_ctx_use_pkey_privkey(ctx.ctx, evp.pkey)

# rsa key could be used directly instead:
# m2.ssl_ctx_use_rsa_privkey(ctx.ctx, rsa.rsa)

# verify everything went ok
m2.ssl_ctx_check_privkey(ctx.ctx)