2

So I have a dynamically generated self signed certificate in python and I want to pass it to ssl.wrap_socket but it looks like that function only accepts a file name as a parameter.

I know I could write the file to disk and then read it back then delete it, I'm also running on Linux so I could write it to /run/user/1000/ so it doesn't have to touch a real drive but, this still feels wrong. Anyone got a way I can bypass the file generation step entirely? 

httpd.socket = ssl.wrap_socket (httpd.socket, certfile="cert.pem", server_side=True)

Thanks!

Improve this question
1

1 Answer 1

Reset to default
1

No.

Unfortunately, it doesn't look like the SSL library supports it. You can view the source of the method you're calling here:

https://github.com/python/cpython/blob/master/Lib/ssl.py#L1131

and it appears the certfile name is being passed all the way along to the C code for handling SSL (you can follow the certfile parameter through a few function calls in the above file):

https://github.com/python/cpython/blob/master/Modules/_ssl.c#L3240

Sorry!!

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Fair enough. I've heard a few people say openSSL is a dogs dinner, I'm starting to believe it! Thanks for the quick and definitive response.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.