Security questions all around.
Hi all, I've got a bundle of possible security questions. First off, I am trying to do credit card processing. The way I have it set up I have a few possible ways to do this, each with their own roadblock. First off, and the way I would ideally like to do it, since I have invested the most time in it, is calling a python script that would make an HTTPS connection to the payment gateway, process the returned information, and give the user some feedback. A plus of this method is that the user never leaves my site. The current problem is my limited understanding of SSL. I get a SSL_CTX_use_PrivateKey_file error, raised in the httplib module. Second, I can have the user submit the data directly to the payment gateway, and allow the payment gateway to redirect them back to a summary page. The problem is then confirming that the user is actually being redirected. My payment gateway returns the data signed with PGP, but I have almost never worked with PGP, and I would have little idea where to start. Any help at all would be appreciated. Thanks, Alec Munro
Alec Munro wrote at 2003-1-27 13:52 -0400:
... First off, and the way I would ideally like to do it, since I have invested the most time in it, is calling a python script that would make an HTTPS connection to the payment gateway, process the returned information, and give the user some feedback. A plus of this method is that the user never leaves my site. The current problem is my limited understanding of SSL. I get a SSL_CTX_use_PrivateKey_file error, raised in the httplib module. Apparently, you want to learn something about SSL support in "htmllib".
Ideally, it would be documented. Because documentation is often behind the software, look into the latest available documentation and check whether it works as described their. If necessary, look at the source.
Second, I can have the user submit the data directly to the payment gateway, and allow the payment gateway to redirect them back to a summary page. The problem is then confirming that the user is actually being redirected. My payment gateway returns the data signed with PGP, but I have almost never worked with PGP, and I would have little idea where to start. Again, find PGP documentation and read it.
Dieter
Hi all, I realized that I was trying to use a certificate when I didn't need to, and that the reason I had been having problems when not using a certificate was that I was closing the connection before reading the data from it. This would return a blank page, rather than an error, so I assumed the problem was somewhere else. Like the following. conn = HTTPSConnection(host, port) conn.request("POST", "/index.html") r1 = conn.getresponse() conn.close() print r1.status, r1.reason "200 OK" print r1.read() "" Thanks, Alec Munro
participants (2)
-
Alec Munro -
Dieter Maurer