In Python's urllib3 under Client Certificates there is an option for key_password.
Currently, I have the key info in plaintext and I want to encrypt it before storing it on the disk.
Here is the implementation:
http = urllib3.PoolManager(
... cert_file='/path/to/your/client_cert.pem',
... cert_reqs='CERT_REQUIRED',
... key_file='/path/to/your/client.key',
... key_password='keyfile_password')
However, I have not been able to find any documentation around what kind of encryption is supported for the key.
Okay. I figured it out.
I used AES symmetric encryption to encrypt the key.
Here is the command:
# openssl rsa -aes256 -in <key-file-in-plaintext> -out <key-file-encrypted>
> openssl rsa -aes256 -in key.pem -out key.pem.encrypted
This will ask you to enter a passphrase and it'll create an RSA key for you.
You can use this passphrase and pass it to the key_password named parameter.
Disclaimer:
key_passwordis only supported in 1.25 and above versions of urllib3