I'm writing an application in Google App Engine, and I'm trying to send HTTPS requests (GET / POST) from GAE to a private server.
Is there any method to achieve a request with: - sending request with client certificate/key; - verify server certificate; AND using SNI support?
I'v tried to use:
- urllib2 -> but it can't verifies server CA;
- urlfetch -> it only verifies server CA;
- urllib3 -> i'm getting "_ssl.c:529: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed", caused by missing SNI support;
- lib requests -> same of urllib3.
I'v also tried for SNI to put libraries on Google App Engine as indicated in using requests with TLS doesn't give SNI support
- pyOpenSSL
- ndg-httpsclient
- pyasn1
But pyOpenSSL has C dependencies, so there is no way to use it, and it's not supported as third party library.
TL;DR: sending request from GAE to private server in SSL with client cert, verify server CA and SNI support seems to be impossible. I think the matter is:
python version in GAE, that is 2.7.5 and not 2.7.9 (with backported SNI compatibilty).
maybe also SSL version included in GAE is not supporting SNI ( ssl has not HAS_SNI attr)
How can I do that?
