AppEngine上的SignedJwtAssertionCredentials无法识别PEM密钥 [英] SignedJwtAssertionCredentials on AppEngine doesn't recognize PEM key
问题描述
在appengine上(使用pycrypto 2.6)SignedJwtAssertionCredentials不支持PKCS12格式,因此我试图使用PEM键代替,正如所有地方所建议的那样。
这是我的代码:
f = file(os.path.join(os.path.dirname(__ file__),KEY_FILE) ,r)
key = f.read()
f.close()
credentials = SignedJwtAssertionCredentials(SERVICE_ACCOUNT_EMAIL,key,$ b $ scope =https: //www.googleapis.com/auth/drive
http = httplib2.Http()
http = credentials.authorize(http)
$ b 和 KEY_FILE
是一个PEM键,用命令转换:
openssl pkcs12 -in privatekey.p12 -nodes -nocerts> privatekey.pem
但我仍然遇到这个错误,就好像它没有识别出这是一个PEM键:
NotImplementedError:PyCrpto库不支持PKCS12格式。
尝试转换为PEM(openssl pkcs12 -in xxxxx.p12 -nodes -nocerts> privatekey.pem),或者如果本机代码是一个选项,则使用PyOpenSSL。
如果我只将文件名传递给构造函数(不读取文件内容) / p>
有什么想法吗?
是的,错误非常容易让人误解。你在做什么是好的;只需从PEM文件中删除头文件,使其以 ----- BEGIN PRIVATE KEY -----
开头,或者对其执行以下命令:
openssl pkcs8 -nocrypt -in privatekey.pem -passin pass:notasecret -topk8 -out pk.pem
SignedJwtAssertionCredentials on appengine (with pycrypto 2.6) doesn't support the PKCS12 format, therefore I'm trying to use PEM keys instead, as suggested everywhere..
this is my code:
f = file(os.path.join(os.path.dirname(__file__), KEY_FILE), "r")
key = f.read()
f.close()
credentials = SignedJwtAssertionCredentials(SERVICE_ACCOUNT_EMAIL, key,
scope="https://www.googleapis.com/auth/drive"
http = httplib2.Http()
http = credentials.authorize(http)
and the KEY_FILE
is a PEM key, converted with the command:
openssl pkcs12 -in privatekey.p12 -nodes -nocerts > privatekey.pem
but I still get this error, as if it didn't recognize that's a PEM key:
NotImplementedError: PKCS12 format is not supported by the PyCrpto library.
Try converting to a "PEM" (openssl pkcs12 -in xxxxx.p12 -nodes -nocerts > privatekey.pem) or using PyOpenSSL if native code is an option.
same error if I pass just the filename to the constructor (without reading the contents of the file)
any idea?
Yeah, the error is hugely misleading. What you're doing is fine; just remove the header from the PEM file so that it begins with -----BEGIN PRIVATE KEY-----
, or run the following command over it:
openssl pkcs8 -nocrypt -in privatekey.pem -passin pass:notasecret -topk8 -out pk.pem
这篇关于AppEngine上的SignedJwtAssertionCredentials无法识别PEM密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!