Skip to content
This repository has been archived by the owner on May 16, 2024. It is now read-only.

The example client does not verify the host's TLS certificate #3

Closed
unbounded opened this issue Sep 4, 2014 · 2 comments
Closed

The example client does not verify the host's TLS certificate #3

unbounded opened this issue Sep 4, 2014 · 2 comments

Comments

@unbounded
Copy link

bin/bankapi uses httplib.HTTPSConnection to establish connections using TLS.
However, the documentation for httplib.HTTPSConnection has the warning:
"Warning: This does not do any verification of the server’s certificate."

The client should either check the host's certificate, or refuse to use https.
@johto
Copy link
Contributor

johto commented Sep 6, 2014

I don't know Python's standard library well enough to do anything here. @Pelleplutt: could you have a look?

Pelleplutt pushed a commit that referenced this issue Sep 8, 2014
@perltrustly
Address issue #3, The example client does not verify the host's TLS c…
9bcef9d 
…ertificate

Switch away from httplib to the more fun requests. This enabled us among
other things to verify the SSL certificate in use when connecting. Also
add an -i switch to allow insecure connections if desired during
development or equiv.
@Pelleplutt
Copy link

I switched from httplib to reqeusts for doing the requests and this enables us to check for valid certificates easily during connections. Don't really know why I keep using the httplib, old habits I guess. Thank you for pointing this out.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@unbounded @johto @Pelleplutt