osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SSL/TLS support in Pyro4


..........
> 
> Hi Robin
> 
> I am not sure how this is any benefit over the self-signed root certs that I now use?
> 
> Except for the fact that these are a root cert as well and don't use any CA trust chain.
> To be able to validate this cert, I have to load it as a CA cert on the validating side.
> Which isn't bad perse.
> 
> I've used openssl as mentioned here to create my certs:
> https://docs.python.org/3.7/library/ssl.html#self-signed-certificates
.........Welle I was thinking perhaps you had trouble with self signed certs for 
some reason. I only used CA type setup because some recipe for mongo clusters 
seems to want that. I think the mariadb clusters were fine with simple self 
signed certs. However, if I control the cluster can I not just distribute the 
cert to all members and have them validate it against itself or does python 
refuse to do that? I vaguely remember some python apis allow the authority chain 
to be specified.
-- 
Robin Becker