m-click / requests_pkcs12

Add PKCS#12 support to the Python requests library in a clean way, without monkey patching or temporary files
ISC License

Getting Post-Handshake Authentication to work with requests_pkcs12 and TLSv1.3 #17

Closed deajan closed 3 years ago

deajan commented 4 years ago

Hello,

First off, I don't know if this is a requests_pkcs12 problem or a requests problem, so sorry for the noise if it hasn't anything to do with your repo.

Using requests_pkcs12 as a drop-in replacement for requests, without many problems, except being able to use TLSv1.3 when using a p12 certificate.

As soon as I configure my Apache server to use TLSv1.3 via SSLProtocol -All +TLSv1.3, I get the following error:

[Mon Dec 23 13:25:54.645447 2019] [ssl:error] [pid 19365:tid 139995724711680] [client 82.196.24.2:26826] AH: verify client post handshake
[Mon Dec 23 13:25:54.645487 2019] [ssl:error] [pid 19365:tid 139995724711680] [client 82.196.24.2:26826] AH10158: cannot perform post-handshake authentication
[Mon Dec 23 13:25:54.645506 2019] [ssl:error] [pid 19365:tid 139995724711680] SSL Library Error: error:14268117:SSL routines:SSL_verify_client_post_handshake:extension not received

On the Python client side, I get an HTTP 403.

Having read a lot about that problem, I tried to find a way to force post handshake authentication which seems necessary for TLSv1.3, see https://bugs.python.org/issue37428. TLSv1.3 post handshake support has been included in urllib3 1.25.7 as it seems (https://github.com/urllib3/urllib3/pull/1635).

I am using requests 2.22.0, urllib3 1.25.7 and requests_pkcs12 1.6.

I've searched for a way to force adding post handshaking by adding the following on line 41 of requests_pkcs12.py:

ssl_context.post_handshake_auth = True

I tried to read PyOpenSSLContext class, but in the end I don't know where to force enable the post handshake authentication.

Could you help me perhaps? Willing to make a lot of tests if required.

Best regards.

[Edit] I've searched for https://docs.python.org/3/library/ssl.html#ssl.SSLContext.post_handshake_auth. Seems this only works with Python 3.8. Decided to upgrade, then set the option. I am unable to get this to work. [/Edit]

vog commented 4 years ago

I'm not sure how to help here, but this issue may be related to #7.

deajan commented 4 years ago

@vog thanks. I actually read that issue, but there aren't really solutions in there ;( I'll report back if somehow I find how to get TLSv1.3 to work.

vog commented 4 years ago

Has there been any progress on this?

vog commented 3 years ago

I'm closing this issue for now due to inactivity for a very long time.

@deajan Please feel free to open a new issue and/or pull request if you'd like to share any progress on this topic.
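
Added example, not part of the thread and not requests_pkcs12 code: the "extension not received" error in the Apache log is what OpenSSL reports when the client never offered the TLS 1.3 post_handshake_auth extension, so the sketch below enables it on a standard-library ssl.SSLContext and hands that context to requests through a transport adapter. It assumes a PEM certificate and key loaded with load_cert_chain instead of a PKCS#12 file, and the names pha_client_context, PostHandshakeAuthAdapter and pha_session are hypothetical.

```python
import ssl

from requests import Session
from requests.adapters import HTTPAdapter


def pha_client_context(certfile=None, keyfile=None, password=None):
    """Verifying client context that offers TLS 1.3 post-handshake auth."""
    if not ssl.HAS_TLSv1_3:
        raise RuntimeError("this OpenSSL build has no TLS 1.3 support")
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    if not hasattr(ctx, "post_handshake_auth"):
        raise RuntimeError("ssl.SSLContext.post_handshake_auth is unavailable")
    # Disabled by default. It has to be set before the handshake, because
    # the extension travels in the ClientHello.
    ctx.post_handshake_auth = True
    if certfile:
        # PEM input (assumption): a PKCS#12 bundle must be converted first.
        ctx.load_cert_chain(certfile, keyfile, password)
    return ctx


class PostHandshakeAuthAdapter(HTTPAdapter):
    """Transport adapter that makes urllib3 use a caller-supplied context."""

    def __init__(self, ssl_context, **kwargs):
        # Store first: HTTPAdapter.__init__ calls init_poolmanager().
        self._ssl_context = ssl_context
        super().__init__(**kwargs)

    def init_poolmanager(self, *args, **kwargs):
        kwargs["ssl_context"] = self._ssl_context
        return super().init_poolmanager(*args, **kwargs)

    def proxy_manager_for(self, *args, **kwargs):
        kwargs["ssl_context"] = self._ssl_context
        return super().proxy_manager_for(*args, **kwargs)


def pha_session(ssl_context):
    """Session whose https:// connections all use the given context."""
    session = Session()
    session.mount("https://", PostHandshakeAuthAdapter(ssl_context))
    return session
```

Server certificate and hostname verification stay enabled because the context comes from ssl.create_default_context.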