Our company policy requires an SSL private key to be encrypted. Unfortunately, my script is using the requests library which doesn't support this, as written in its documentation (feature request : https://github.com/psf/requests/issues/1573)
There seems to be a workaround by using a custom adapater (https://github.com/m-click/requests_pkcs12) which is using pkcs12 package files (which contain both the certificate and the key and can be encrypted). I've installed this adapter under "lib" in my app directory (and I added the line of code to my script to append this path to the library path).
But this adapter is requiring the pyopenssl library (shipped with Splunk, installed in the python default library path) but this one, in turns, requires ndg.httpsclient.ssl_peer_verification (not shipped with Splunk!). So the adapter fails to load.
So in the end 2 questions:
1) Is anybody having to use client-side SSL authentication to query an API and is using an encrypted key ? How to make it work ?
2) Is there a clean way to add ndg.httpsclient.ssl_peer_verification to the libraries available to splunk so that pyopenssl can be loaded ? I've tried to add it to my app's "lib" directory but it seems that pyopenssl can not find it (maybe it expects to find it in the "default" directory ?)