Socket.D 应用 - SSL
使用SSL时,尽量用域名的形式连接(ws 可能会验证域名)。更多,请参考 python 关于 ssl 的信息。
1、单向认证
- 客户端
async def main():
clientSession1 = await SocketD.create_client("sd:wss://localhost:8602/?u=noear&p=2")
.open()
- 服务端
async def main():
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
ssl_context.check_hostname = False
ssl_context.load_cert_chain(certfile=r"/data/ssl/server.crt", keyfile=r"/data/ssl/server.key")
#::启动服务端
await (SocketD.create_server("sd:ws")
.config(lambda c: c.port(8602).ssl_context(ssl_context))
.start())
1、双向认证
- 客户端
async def main():
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
ssl_context.check_hostname = False
ssl_context.load_cert_chain(certfile=r"/data/ssl/server.crt", keyfile=r"/data/ssl/server.key")
clientSession1 = await SocketD.create_client("sd:ws://localhost:8602/?u=noear&p=2")
.config(lambda c: c.ssl_context(ssl_context))
.open()
- 服务端
async def main():
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
ssl_context.verify_mode = ssl.CERT_REQUIRED # 强制要求进行证书验证
ssl_context.check_hostname = False
ssl_context.load_cert_chain(certfile=r"/data/ssl/server.crt", keyfile=r"/data/ssl/server.key")
#::启动服务端
await (SocketD.create_server("sd:ws")
.config(lambda c: c.port(8602).ssl_context(ssl_context))
.start())