Ok, I figured out what was wrong. It was kind of foolish of me. I had two problems with my code. My first mistake was when specifying the ssl_version I put in TLSv1 when it should have been ssl.PROTOCOL_TLSv1. The second mistake was that I wasn't referencing the wrapped socket, instead I was calling the original socket that I have created. The below code seemed to work for me.
import socket
import ssl
# SET VARIABLES
packet, reply = "<packet>SOME_DATA</packet>", ""
HOST, PORT = 'XX.XX.XX.XX', 4434
# CREATE SOCKET
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(10)
# WRAP SOCKET
wrappedSocket = ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_TLSv1, ciphers="ADH-AES256-SHA")
# CONNECT AND PRINT REPLY
wrappedSocket.connect((HOST, PORT))
wrappedSocket.send(packet)
print wrappedSocket.recv(1280)
# CLOSE SOCKET CONNECTION
wrappedSocket.close()
Hope this can help somebody!
Answer from Raffi on Stack OverflowPython
docs.python.org › 3 › library › ssl.html
ssl — TLS/SSL wrapper for socket objects — Python 3.14.4 ...
SSLContext objects have the following methods and attributes: ... Get statistics about quantities of loaded X.509 certificates, count of X.509 certificates flagged as CA certificates and certificate revocation lists as dictionary. Example for a context with one CA cert and one other cert:
Top answer 1 of 4
101
Ok, I figured out what was wrong. It was kind of foolish of me. I had two problems with my code. My first mistake was when specifying the ssl_version I put in TLSv1 when it should have been ssl.PROTOCOL_TLSv1. The second mistake was that I wasn't referencing the wrapped socket, instead I was calling the original socket that I have created. The below code seemed to work for me.
import socket
import ssl
# SET VARIABLES
packet, reply = "<packet>SOME_DATA</packet>", ""
HOST, PORT = 'XX.XX.XX.XX', 4434
# CREATE SOCKET
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(10)
# WRAP SOCKET
wrappedSocket = ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_TLSv1, ciphers="ADH-AES256-SHA")
# CONNECT AND PRINT REPLY
wrappedSocket.connect((HOST, PORT))
wrappedSocket.send(packet)
print wrappedSocket.recv(1280)
# CLOSE SOCKET CONNECTION
wrappedSocket.close()
Hope this can help somebody!
2 of 4
11
You shouldn't be setting PROTOCOL_TLSv1 (or TLSv1). This restricts the connection to TLS v1.0 only. Instead you want PROTOCOL_TLS (or the deprecated PROTOCOL_SSLv23) that supports all versions supported by the library.
You're using an anonymous cipher, because for some reason you think you don't need a certificate or key. This means that there is no authentication of the server and that you're vulnerable to a man in the middle attack. Unless you really know what you're doing, I suggest you don't use anonymous ciphers (like ADH-AES256-SHA).
python3 with ldap3 over TLS 5875 error
Here is imo good example code on how to do what you want. https://github.com/AUCR/AUCR/blob/master/aucr_app/plugins/auth/ldap_utils.py#L13 granted it goes a bit further and checks for the user email address however it should be a good reference. Lmk if you have questions beyond that More on reddit.com
2
0
March 23, 2019confluent-kafka-python cannot get ssl to work
Do you use "ssl" exactly? Have you tried upper case? https://kafka.apache.org/11/javadoc/org/apache/kafka/common/security/auth/SecurityProtocol.html More on reddit.com
2
1
June 21, 2019MySQLdb and SSL
Would be helpful to fix your formatting on Reddit or post a link to your code on Pastebin :) For Reddit, put 4 spaces at the beginning of every line in your reddit post to format as code (so 4 spaces for an unindented line, 8 (4+4) for a single indented line, etc.) ░░░░def likeThis(): ░░░░░░░░# do some stuff becomes this: def likeThis(): # do some stuff More on reddit.com
6
4
September 26, 2017Python requests - SSL Error - [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE]
I did some digging and I found this https://github.com/urllib3/urllib3/issues/3020 Seems like the underlying issue is that python 3.10+ on Mac removes LibreSSL support? Not sure, to be completely honest most of whats on this page goes over my head but I downgraded to 3.10 (Issue still exists) and then down to 3.9 and the issue was resolved. To be honest downgrading to 3.9 is not ideal for me, but it's working now. I plan on re-reading the the above link again later when my brain is less fried to see if I can do anything to make it work on 3.11. Figured I'd share this now incase it helps anyone else running into the same issue. More on reddit.com
4
2
August 14, 2023Videos
08:13
Python tcp client and server with SSL encryption and self signed ...
18:21
TLS & HTTPS with Python - Digital Certificates - YouTube
11:10
How to Resolve SSL & TSL Certificate in Python - YouTube
25:30
Gentle introduction to TLS, PKI, and Python's ssl module - Christian ...
17:14
Python Flask Tutorial: How to enable HTTPS with a free SSL/TLS ...
02:09
Python Requests | SSL - YouTube
Snyk
snyk.io › blog › implementing-tls-ssl-python
Implementing TLS/SSL in Python | Snyk
October 16, 2022 - The code above imports the requests Python module and uses it to make a GET request to the Twitter website. (To run the script, you must install the requests module in Python using pip). We can replace Twitter’s URL with the URL of the website whose SSL certificate we want to verify.
Python
docs.python.org › 3.3 › library › ssl.html
18.2. ssl — TLS/SSL wrapper for socket objects — Python 3.3.7 documentation
To test for the presence of SSL support in a Python installation, user code should use the following idiom: try: import ssl except ImportError: pass else: ... # do something that requires SSL support · This example connects to an SSL server and prints the server’s certificate:
Python
docs.python.org › 3.0 › library › ssl.html
ssl — SSL wrapper for socket objects — Python v3.0.1 documentation
To test for the presence of SSL support in a Python installation, user code should use the following idiom: try: import ssl except ImportError: pass else: [ do something that requires SSL support ] This example connects to an SSL server, prints the server’s address and certificate, sends ...
W3Schools
w3schools.com › python › ref_module_ssl.asp
Python ssl Module
Python Examples Python Compiler Python Exercises Python Quiz Python Challenges Python Practice Problems Python Server Python Syllabus Python Study Plan Python Interview Q&A Python Bootcamp Python Certificate Python Training · ❮ Standard Library Modules · Get SSL/TLS protocol version: import ssl print(f'OpenSSL version: {ssl.OPENSSL_VERSION}') print(f'Has SNI: {ssl.HAS_SNI}') Try it Yourself » ·
MicroPython
docs.micropython.org › en › latest › library › ssl.html
ssl – SSL/TLS module — MicroPython latest documentation
Wrap the given sock and return a new wrapped-socket object. The implementation of this function is to first create an SSLContext and then call the SSLContext.wrap_socket method on that context object. The arguments sock, server_side and server_hostname are passed through unchanged to the method ...
Linux Hint
linuxhint.com › python-ssl-example
Python SSL Example
Linux Hint LLC, [email protected] 1210 Kelly Park Circle, Morgan Hill, CA 95037 Privacy Policy and Terms of Use
Readthedocs
python-security.readthedocs.io › ssl.html
Python SSL and TLS security — Python Security 0.0 documentation
Windows: ssl.enum_certificates(store_name), new in Python 3.4.
Markusholtermann
markusholtermann.eu › 2016 › 09 › ssl-all-the-things-in-python
Markus Holtermann — SSL All The Things In Python
And finally you connect to the server. import socket, ssl HOST, PORT = 'example.com', 443 def handle(conn): conn.write(b'GET / HTTP/1.1\n') print(conn.recv().decode()) def main(): sock = socket.socket(socket.AF_INET) context = ssl.create_de...
Pythontic
pythontic.com › ssl › sslsocket › introduction
The SSLSocket class in Python | Pythontic.com
The SSL server program creates a server socket and listens on port 15001 on localhost.
PyPI
pypi.org › project › ssl
ssl · PyPI
April 20, 2013 - The old socket.ssl() support for TLS over sockets is being superseded in Python 2.6 by a new ‘ssl’ module.
» pip install ssl
DataFlair
data-flair.training › blogs › 4-step-python-ssl-tutorial-to-secure-your-websites
4-step Python SSL Tutorial to Secure Your Websites - DataFlair
May 1, 2023 - Save the new directory as “mydomain.com.combinecd.cert.” Further, send an encrypted private key securely with the CSR to a CA so that they can verify your identity as a Python developer or as a requestor before issuing the certificate. 1. Once you have obtained the SSL certificate, save it in a file with a .pem extension. For example, if the certificate is named ‘certificate.crt’, you could save it as ‘certificate.pem’.
GitHub
gist.github.com › marshalhayes › ca9508f97d673b6fb73ba64a67b76ce8
TLS encryption of Python sockets using the "SSL" module · GitHub
TLS encryption of Python sockets using the "SSL" module · Raw · README.md · Follow these steps before trying to run any code. First, generate a Certificate Authority (CA). openssl genrsa -out rootCA.key 2048 · Second, self-sign it. openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 365 -out rootCA.pem ·
GitHub
github.com › python › cpython › blob › main › Lib › ssl.py
cpython/Lib/ssl.py at main · python/cpython
# Wrapper module for _ssl, providing some additional facilities · # implemented in Python.
Author python
Codiga
codiga.io › blog › python-ssl-versions
SSL module in Python: stay secure!
October 17, 2022 - The Python ssl module provides functions and classes to use Secure Sockets Layer (SSL) and Transport Layer Security (TLS) to secure communication both server and client side.
K-state
faculty.salina.k-state.edu › tim › NPstudy_guide › ssl › ssl.html
8. Topic 5 - SSL — Network Programming Study Guide
Limited support in pre-Python 2.6 built-in socket module ... Create a wrapper to it make easier to use (see below). The basic-wrap.py program on page 328-329 is a good example of using a buffer to read from a socket. The buffer is implemented mainly to provide readline() functionality, which is already available for non-SSL ...
GitHub
gist.github.com › Oborichkin › d8d0c7823fd6db3abeb25f69352a5299
Simple TLS client and server on python · GitHub
November 2, 2019 - To avoid getting the deprecation warning and update the code SSLContext method must be used and the unwrapped socket closed as specified at https://pythontic.com/ssl/sslcontext/sslcontext :
Python
wiki.python.org › moin › SSL
SSL - Python Wiki
Let's illustrate ssl vulnerability in Python 2.x versions. The following snippet should fail - it replaces HOST "www.google.com" to connect to with its IP address.