From 71ae20c42c62e09e7f0f576f21076051ec6eecd6 Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka Date: Tue, 31 Jan 2017 12:07:27 +0100 Subject: PKIConnection: allow separation of client cert and pkey Currently, PKIConnection does not allow to have client certificate and private key stored in different files. However, python-requests library allows this separation so it should be made possible. --- base/common/python/pki/client.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'base/common/python') diff --git a/base/common/python/pki/client.py b/base/common/python/pki/client.py index 7e91046b8..3e819cfd1 100644 --- a/base/common/python/pki/client.py +++ b/base/common/python/pki/client.py @@ -101,14 +101,17 @@ class PKIConnection: if username is not None and password is not None: self.session.auth = (username, password) - def set_authentication_cert(self, pem_cert_path): + def set_authentication_cert(self, pem_cert_path, pem_key_path=None): """ Set the path to the PEM file containing the certificate and private key for the client certificate to be used for authentication to the server, - when client certificate authentication is required. + when client certificate authentication is required. The private key may + optionally be stored in a different path. :param pem_cert_path: path to the PEM file :type pem_cert_path: str + :param pem_key_path: path to the PEM-formatted private key file + :type pem_key_path: str :return: None :raises: Exception if path is empty or None. """ @@ -116,7 +119,10 @@ class PKIConnection: raise Exception("No path for the certificate specified.") if len(str(pem_cert_path)) == 0: raise Exception("No path for the certificate specified.") - self.session.cert = pem_cert_path + if pem_key_path is not None: + self.session.cert = (pem_cert_path, pem_key_path) + else: + self.session.cert = pem_cert_path @catch_insecure_warning def get(self, path, headers=None, params=None, payload=None): -- cgit