python证书有什么用_Python:使用pyOpenSSL.cryp读取pkcs12证书

也许回答一个老问题是错误的，但我认为这可能有助于有人在我之后找到这个问题。这个解决方案适用于python 3，我认为更好一些。我在the repo of zeep中找到它，是一个封装用法的类。

类import os

from OpenSSL import crypto

class PKCS12Manager():

def __init__(self, p12file, passphrase):

self.p12file = p12file

self.unlock = passphrase

self.webservices_dir = ''

self.keyfile = ''

self.certfile = ''

# Get filename without extension

ext = os.path.splitext(p12file)

self.filebasename = os.path.basename(ext[0])

self.createPrivateCertStore()

self.p12topem()

def getKey(self):

return self.keyfile

def getCert(self):

return self.certfile

def createPrivateCertStore(self):

home = os.path.expanduser('~')

webservices_dir = os.path.join(home, '.webservices')

if not os.path.exists(webservices_dir):

os.mkdir(webservices_dir)

os.chmod(webservices_dir, 0o700)

self.webservices_dir = webservices_dir

def p12topem(self):

p12 = crypto.load_pkcs12(open(self.p12file, 'rb').read(), bytes(self.unlock, 'utf-8'))

# PEM formatted private key

key = crypto.dump_privatekey(crypto.FILETYPE_PEM, p12.get_privatekey())

self.keyfile = os.path.join(self.webservices_dir, self.filebasename + ".key.pem")

open(self.keyfile, 'a').close()

os.chmod(self.keyfile, 0o600)

with open(self.keyfile, 'wb') as f:

f.write(key)

# PEM formatted certificate

cert = crypto.dump_certificate(crypto.FILETYPE_PEM, p12.get_certificate())

self.certfile = os.path.join(self.webservices_dir, self.filebasename + ".crt.pem")

open(self.certfile, 'a').close()

os.chmod(self.certfile, 0o644)

with open(self.certfile, 'wb') as f:

f.write(cert)

用法from requests import Session

from zeep import Client

from zeep.transports import Transport

# https://github.com/mvantellingen/python-zeep/issues/824

pkcs12 = PKCS12Manager('cert.p12', 'password_for_cert')

session = Session()

session.cert = (pkcs12.getCert(), pkcs12.getKey())

transport = Transport(session=session)

client = Client('url_service', transport=transport)