Security代写:CS3119 Client Authentication

Introduction

这次是一个小Lab,用给的CA证书以及一个私钥Key,通过SSL来访问远程的一个HTTPS服务器。
快速的做法就是先用Linux的curl工具调通,然后再用Python写一个程序出来。

Requirement

Every so often, a company will find itself needing to limit server access to specific users in a way that is more secure than a simple username and password.
The scheme that we’re addressing in this lab uses client-side SSL certificates to authenticate user access to a server resource. The certificates are managed on a per-user basis by a central Certification Authority (CA) and can be revoked at any time. Client certificates play a key role in many mutual authentication designs, providing strong assurances of a requester’s identity.
When it comes to handling requests for web application servers and serving static content, the long tried and tested Nginx is an extremely popular choice nowadays. The client verification therefore is done by the Nginx server as part of a site’s SSL settings.
This lab requires you to write a program that establishes a connection to a remote HTTPS server that is running on a machine.
This lab requires you to write a program that establishes a connection to a remote HTTPS server that is running on a machine.
Your code needs to display the content of the page available.
Client authentication occurs when the server requests the client certificate during the SSL handshake over the network. One thing to keep in mind is that the server controls whether client authentication occurs; a client cannot ask to be authenticated.
Your code may need the client certificate and key to access the URL above. Please note that some libraries, instead, may require a binary format of the client certificate along with the password which is chosen “3119” for this lab.