Browse files

Document requirements for SNI support on Python2

A section for Request's advanced usage guide on what Server Name
Indication is, its purpose, and how to enable it on Python2.
  • Loading branch information...
Aaron Iles
Aaron Iles committed Feb 2, 2014
1 parent c608470 commit b5b8198fd1e872471f4523e0b450dfee33072242
Showing with 25 additions and 0 deletions.
  1. +25 −0 docs/user/advanced.rst
@@ -179,6 +179,31 @@ If you specify a wrong path or an invalid cert::
>>> requests.get('', cert='/wrong_path/server.pem')
SSLError: [Errno 336265225] _ssl.c:347: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
+Server Name Indication
+`Server Name Indication`_, or SNI, is an official extension to SSL where the
+client tells the server what hostname it is contacting. This enables `virtual
+hosting`_ on SSL protected sites.
+Python3's SSL module includes native support for SNI. This support has not been
+back ported to Python2. However, Requests will enable SNI support on Python2 if
+the following packages are installed:
+* `pyOpenSSL`_, a Python wrapper module around the OpenSSL library.
+* `ndg-httpsclient`_, enhanced HTTPS support for httplib and urllib2.
+* `pyasn1`_, ASN.1 types and codecs.
+When these packages are installed, Requests will automatically indicate to the
+server what hostname is being contacted. This allows the server to return the
+correct server certificate for SSL certificate verification.
+.. _`Server Name Indication`:
+.. _`virtual hosting`:
+.. _`pyOpenSSL`:
+.. _`ndg-httpsclient`:
+.. _`pyasn1`:
Body Content Workflow

0 comments on commit b5b8198

Please sign in to comment.