擅长:python、mysql、java
<p>首先连接,然后包装插座。</p>
<pre><code>import socket, ssl
sock = socket.create_connection( ('localhost', 443) )
sock = ssl.wrap_socket(sock, ca_certs="./pki/signing-dss-cert.pem", cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_TLSv1)
</code></pre>
<p>在python2的情况下,我有时也会使用下面的hack(因为<code>httplib.HTTPSConnection</code>文档说它不在https服务器证书上执行任何类型的检查):</p>
<pre><code>import urllib, httplib, ssl
PATH = urllib.quote(u'/'.encode('utf-8'))
conn = httplib.HTTPConnection('www.google.com', 443)
conn.connect()
try:
conn.sock = ssl.wrap_socket(conn.sock, cert_reqs=ssl.CERT_REQUIRED, ca_certs=CA_BUNDLE_FILE, ssl_version=VERSION)
conn.request('GET', PATH)
resp = conn.getresponse()
print resp.status
print resp.read()
finally:
conn.close()
</code></pre>
<p>注意,如果您想与服务器通信,那么使用http客户端通常比使用原始套接字要容易得多。</p>