About OpenERP server SSL Client authentication Support.
-
About OpenERP server's SSL Client authentication Support..
netsvr.py<br />.....<br /><br />class SSLSocket(object):<br /> def __init__(self, socket):<br /> if not hasattr(socket, 'sock_shutdown'):<br /> from OpenSSL import SSL<br /> from OpenSSL import crypto # add by mrshelly<mrshelly at hotmail.com><br /> ctx = SSL.Context(SSL.SSLv23_METHOD)<br /> if not tools.config['SSLVerifyClient'] :<br /> ctx.use_privatekey_file(tools.config['secure_pkey_file'])<br /> ctx.use_certificate_file(tools.config['secure_cert_file'])<br /> else:<br /> # add by mrshelly<mrshelly at hotmail.com> block<br /> ctx.use_privatekey_file(tools.config['secure_pkey_file'])<br /> ctx.use_certificate_file(tools.config['secure_cert_file']')<br /><br /> x509 = crypto.load_certificate(crypto.FILETYPE_PEM, open(tools.config['secure_ca_cert_file']).read()) #maybe add "secure_ca_cert_file = Your Ca Cert file path' and "SSLVerifyClient = True" node to your openerp-server.conf file...<br /> store = ctx.get_cert_store()<br /> store.add_cert(x509)<br /> ctx.set_verify(SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT, lambda *x:True)<br /> # add by mrshelly<mrshelly at hotmail.com> block<br /><br /> self.socket = SSL.Connection(ctx, socket)<br /> else:<br /> self.socket = socket<br />....<br />
And set the "secure = True", put your "secure_pkey_file", "secure_cert_file" and "secure_ca_cert_file". restart the OpenERP server..
And In your VBA Application to test it:<br /><br />Sub PutXML()<br /> <br />txtURL = "https://localhost:8069/xmlrpc/object"<br /> <br /> Dim objSvrHTTP As ServerXMLHTTP<br /> Dim strT As String<br /> Set objSvrHTTP = New ServerXMLHTTP<br /> <br /> objSvrHTTP.Open "POST", txtURL, False<br /> <br /> 'objSvrHTTP.setRequestHeader "Accept", "application/xml"<br /> objSvrHTTP.setRequestHeader "Content-Type", "text/xml"<br /> <br /> strT = "<?xml version=''1.0''?>"<br /> strT = strT & "<methodCall>"<br /> strT = strT & "<methodName>execute</methodName>"<br /> strT = strT & "<params>"<br /> <br /> strT = strT & "<param>"<br /> strT = strT & "<value><string>test</string></value>"<br /> strT = strT & "</param>"<br /> <br /> strT = strT & "<param>"<br /> strT = strT & "<value><int>1</int></value>"<br /> strT = strT & "</param>"<br /> <br /> strT = strT & "<param>"<br /> strT = strT & "<value><string>admin</string></value>"<br /> strT = strT & "</param>"<br /> <br /> strT = strT & "<param>"<br /> strT = strT & "<value><string>res.users</string></value>"<br /> strT = strT & "</param>"<br /> <br /> strT = strT & "<param>"<br /> strT = strT & "<value><string>read</string></value>"<br /> strT = strT & "</param>"<br /> <br /> strT = strT & "<param>"<br /> strT = strT & "<value><array><data><value><int>1</int></value></data></array></value>"<br /> strT = strT & "</param>"<br /> <br /> strT = strT & "</params>"<br /> strT = strT & "</methodCall>"<br /> <br /> <br /> objSvrHTTP.send strT<br /> <br /> MsgBox objSvrHTTP.responseText<br /> <br />End Sub<br />
Have a good testing....
By mrshelly <mrshelly at hotmail.com> 2010/12/05
