Introduction
这次是一个小Lab,用给的CA证书以及一个私钥Key,通过SSL来访问远程的一个HTTPS服务器。
快速的做法就是先用Linux的curl工具调通,然后再用Python写一个程序出来。
Requirement
Every so often, a company will find itself needing to limit server access to
specific users in a way that is more secure than a simple username and
password.
The scheme that we’re addressing in this lab uses client-side SSL certificates
to authenticate user access to a server resource. The certificates are managed
on a per-user basis by a central Certification Authority (CA) and can be
revoked at any time. Client certificates play a key role in many mutual
authentication designs, providing strong assurances of a requester’s identity.
When it comes to handling requests for web application servers and serving
static content, the long tried and tested Nginx is an extremely popular choice
nowadays. The client verification therefore is done by the Nginx server as
part of a site’s SSL settings.
This lab requires you to write a program that establishes a connection to a
remote HTTPS server that is running on a machine.
This lab requires you to write a program that establishes a connection to a
remote HTTPS server that is running on a machine.
Your code needs to display the content of the page available.
Client authentication occurs when the server requests the client certificate
during the SSL handshake over the network. One thing to keep in mind is that
the server controls whether client authentication occurs; a client cannot ask
to be authenticated.
Your code may need the client certificate and key to access the URL above.
Please note that some libraries, instead, may require a binary format of the
client certificate along with the password which is chosen “3119” for this
lab.
