diff options
author | Stanislav Laznicka <slaznick@redhat.com> | 2017-01-31 12:07:27 +0100 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-01-31 15:50:27 +0100 |
commit | 71ae20c42c62e09e7f0f576f21076051ec6eecd6 (patch) | |
tree | 0d19d3e796dc443ad56db697934b54cd06cb10e6 /base/common/python | |
parent | 17df5982a5e312eb3400237655740efe7c2f74e1 (diff) | |
download | pki-71ae20c42c62e09e7f0f576f21076051ec6eecd6.tar.gz pki-71ae20c42c62e09e7f0f576f21076051ec6eecd6.tar.xz pki-71ae20c42c62e09e7f0f576f21076051ec6eecd6.zip |
PKIConnection: allow separation of client cert and pkey
Currently, PKIConnection does not allow to have client certificate
and private key stored in different files. However, python-requests
library allows this separation so it should be made possible.
Diffstat (limited to 'base/common/python')
-rw-r--r-- | base/common/python/pki/client.py | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/base/common/python/pki/client.py b/base/common/python/pki/client.py index 7e91046b8..3e819cfd1 100644 --- a/base/common/python/pki/client.py +++ b/base/common/python/pki/client.py @@ -101,14 +101,17 @@ class PKIConnection: if username is not None and password is not None: self.session.auth = (username, password) - def set_authentication_cert(self, pem_cert_path): + def set_authentication_cert(self, pem_cert_path, pem_key_path=None): """ Set the path to the PEM file containing the certificate and private key for the client certificate to be used for authentication to the server, - when client certificate authentication is required. + when client certificate authentication is required. The private key may + optionally be stored in a different path. :param pem_cert_path: path to the PEM file :type pem_cert_path: str + :param pem_key_path: path to the PEM-formatted private key file + :type pem_key_path: str :return: None :raises: Exception if path is empty or None. """ @@ -116,7 +119,10 @@ class PKIConnection: raise Exception("No path for the certificate specified.") if len(str(pem_cert_path)) == 0: raise Exception("No path for the certificate specified.") - self.session.cert = pem_cert_path + if pem_key_path is not None: + self.session.cert = (pem_cert_path, pem_key_path) + else: + self.session.cert = pem_cert_path @catch_insecure_warning def get(self, path, headers=None, params=None, payload=None): |