{"id":1619,"date":"2019-06-29T14:02:30","date_gmt":"2019-06-29T06:02:30","guid":{"rendered":"https:\/\/www.techcoil.com\/blog\/?p=1619"},"modified":"2022-01-24T11:10:59","modified_gmt":"2022-01-24T03:10:59","slug":"how-to-send-a-http-request-with-client-certificate-private-key-password-secret-in-python-3","status":"publish","type":"post","link":"https:\/\/www.techcoil.com\/blog\/how-to-send-a-http-request-with-client-certificate-private-key-password-secret-in-python-3\/","title":{"rendered":"How to send a HTTP request with client certificate + private key + password\/secret in Python 3"},"content":{"rendered":"

When we need to create a HTTP client<\/a> that communicates with a HTTP server<\/a> through certificate-based authentication, we will typically have to download a certificate, in .pem<\/code> format, from the server. <\/p>\n

After we had downloaded the .pem<\/code> file, the HTTP client will use the private key and certificate to authenticate itself with the HTTP server. Sometimes, the HTTP client will need to decrypt the private key with a password\/secret first.<\/p>\n

So with a .pem<\/code> file and a password\/secret, how can you create a HTTP client in Python 3 to send a HTTP request<\/a> to the HTTP server?<\/p>\n

In case you need it, this post shows how to send a HTTP request with client certificate + private key + password\/secret in Python 3.<\/p>\n

Creating the sample Python 3 code that send a HTTP Post request to a HTTP endpoint with client certificate + private key + password\/secret <\/h2>\n

Let's assume that there is an HTTP endpoint at https:\/\/example.com\/a\/http\/url<\/strong> that authenticates clients with client certificates and receives HTTP Post requests. <\/p>\n

In addition to that, the .pem<\/code> file is named as a_certificate_file.pem<\/code><\/strong> and the certificate secret is your_certificate_secret<\/strong>.<\/p>\n

Given these points, you can create a Python 3 file in the same folder as the .pem<\/code> file with the following content to send a HTTP Post request to that HTTP endpoint:<\/p>\n

\r\nimport http.client\r\nimport json\r\nimport ssl\r\n\r\n# Defining certificate related stuff and host of endpoint\r\ncertificate_file = 'a_certificate_file.pem'\r\ncertificate_secret= 'your_certificate_secret'\r\nhost = 'example.com'\r\n\r\n# Defining parts of the HTTP request\r\nrequest_url='\/a\/http\/url' \r\nrequest_headers = {\r\n    'Content-Type': 'application\/json'\r\n}\r\nrequest_body_dict={\r\n    'Temperature': 38,\r\n    'Humidity': 80\r\n}\r\n\r\n# Define the client certificate settings for https connection\r\ncontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)\r\ncontext.load_cert_chain(certfile=certificate_file, password=certificate_secret)\r\n\r\n# Create a connection to submit HTTP requests\r\nconnection = http.client.HTTPSConnection(host, port=443, context=context)\r\n\r\n# Use connection to submit a HTTP POST request\r\nconnection.request(method="POST", url=request_url, headers=request_headers, body=json.dumps(request_body_dict))\r\n\r\n# Print the HTTP response from the IOT service endpoint\r\nresponse = connection.getresponse()\r\nprint(response.status, response.reason)\r\ndata = response.read()\r\nprint(data)\r\n<\/pre>\n
Understanding the sample Python 3 code that send a HTTP Post request to a HTTP endpoint with client certificate + private key + password\/secret<\/h2>\n
First of all, we indicate that we wish to use some functionalities from http.client<\/a>, json<\/a> and ssl<\/a> modules:<\/p>\n
\r\nimport http.client\r\nimport json\r\nimport ssl\r\n<\/pre>\n
After that, we define some variables for certificate related stuff, host of endpoint and parts of the HTTP request:<\/p>\n
\r\n# Defining certificate related stuff and host of endpoint\r\ncertificate_file = 'a_certificate_file.pem'\r\ncertificate_secret= 'your_certificate_secret'\r\nhost = 'example.com'\r\n\r\n# Defining parts of the HTTP request\r\nrequest_url='\/a\/http\/url' \r\nrequest_headers = {\r\n    'Content-Type': 'application\/json'\r\n}\r\nrequest_body_dict={\r\n    'Temperature': 38,\r\n    'Humidity': 80\r\n}\r\n<\/pre>\n
Once we had defined the variables, we create a ssl.SSLContext<\/code><\/a> object and load the certificate chain<\/a> with what we have from the server:<\/p>\n
\r\n# Define the client certificate settings for https connection\r\ncontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)\r\ncontext.load_cert_chain(certfile=certificate_file, password=certificate_secret)\r\n<\/pre>\n
Given that we have the SSL context, we then create a http.client.HTTPSConnection<\/code><\/a> object for sending HTTP requests to the server:<\/p>\n
\r\n# Create a connection to submit HTTP requests\r\nconnection = http.client.HTTPSConnection(host, port=443, context=context)\r\n<\/pre>\n
At this point of time, we can then use the http.client.HTTPSConnection<\/code> object to send a HTTP request to the server endpoint:<\/p>\n
\r\n# Use connection to submit a HTTP POST request\r\nconnection.request(method="POST", url=request_url, headers=request_headers, body=json.dumps(request_body_dict))\r\n<\/pre>\n
Finally, we simply print some parts of the HTTP response<\/a> that the server returns back to our client:<\/p>\n
\r\n# Print the HTTP response from the IOT service endpoint\r\nresponse = connection.getresponse()\r\nprint(response.status, response.reason)\r\ndata = response.read()\r\nprint(data)\r\n<\/pre>\n\n