Secure Websockets with Client Certificate Authentication using Twisted -


i know if there option implement secure websockets (wss://) , client certificate based authentication twisted ?

i followed instructions on http://twistedmatrix.com/documents/12.3.0/core/howto/ssl.html, in setup of site on https:// , client certificates described. using self signed certs, works fine. however, things tricky when websockets come play.

running whole thing in ie 10 works fine. client authenticates certificate , gains access site , may open websocket. ff , chrome, however, won't work. note webserver , websocket run on same port.

in opinion, seems ie somehow stores authentication of client , uses access websocket. ff , chrome somehow treat websocket different ressource no authentication has happened before.

has experienced same or similiar issues or maybe implemented solution this?

if needed, can provide source code far.

for interested readers having same problem, figured out. solution set session id ssl context. browser seems remember cert authentication subresources websockets.

this should it:

contextfactory = twisted.internet.ssl.defaultopensslcontextfactory('keys/server.key',                                                  'keys/server.crt')   ctx = contextfactory.getcontext() ctx.set_verify(      openssl.ssl.verify_peer | openssl.ssl.verify_client_once,      verifycallback      ) ## since have self-signed certs have explicitly ## tell server trust them. ctx.load_verify_locations("keys/ca.crt") ctx.set_session_id("id")

lines 1-8 needed anyway. whats new line 9. here have set session id.


Comments

Post a Comment

Popular posts from this blog

Change php variable from jquery value using ajax (same page) -

what i'm trying this: i've php global variable $currentid , simple jquery script check if there "id" (page) in hash of url , if yes wanted give value $currentid . i've been reading lot , notice shall use ajax i'm not managing it. my code is: <script type="text/javascript"> $(document).ready(function(){ if (parent.location.hash != '' ) { var thecurrentid = parent.location.hash.split('#')[1]; $.ajax({ url: 'my.php', //current page type: 'post', data: {theid: thecurrentid }, datatype: 'json', success: function () { } }); } // code here }); </script> could me please? thank in advance. php server side language, meaning once has sent data browser, php variables , data cannot changed... however, using ajax, can send request php page , change data in dom based on result. consider th...
Read more

Pull out data related to my apps from Android Play Store and iOS App Store -

i want pull out data related apps (ratings, reviews, etc) google play store , apple app store ? how can accomplish ? i have found open source apis google mentioned not reliable. also there paid apis (e.g. appfigures) available. has idea how able pull data these play stores ?? i looking direction on how can accomplish this. can suggest ? we (appfigures) have been working on developing infrastructure give ability reviews , bunch of other data points major app stores several years :] we make available via our api though may want check out.
Read more

How can I fetch data from a web server in an android application? -

i want retrieve data web server in android application, , don't know begin. should use web services? i recommend these tutorials: connect android php , mysql , json in android , php , mysqli i used these tutorials , managed trying working without difficulty. between them describe each step in how attempting @ each stage, android application, database , web server side , has information included can process , use received information the thing add connect android php , mysql tutorial makes use of mysql_ in php deprecated. better use mysqli why included third link. the basic outline of want this: 1) in android app make request server php script using class this: import java.io.bufferedreader; import java.io.ioexception; import java.io.inputstream; import java.io.inputstreamreader; import java.io.unsupportedencodingexception; import java.util.list; import org.apache.http.httpentity; import org.apache.http.httpresponse; import org.apache.http.namevaluepair...
Read more