Does a client certificate identify the owner to unrelated websites?











up vote
6
down vote

favorite
3












If I install a client certificate in my browser, which websites can see any information about this client certificate or the CA that issued it?



I once visited an ssl diagnostic site that immediately reported back information from one of my client certificates, including my name (which I had put in the CA that issued the client certificate).



This is related to: Protecting information in TLS client certificates
But that's about how the certificate is sent to the website that the certificate is intended for. I'm asking about unrelated websites.






certificates certificate-authority







share|improve this question









New contributor




user13097 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • I can't reproduce this behaviour (see below). Can you add more details about your setup? In particular, which browser you're using?
    – Mike Ounsworth
    3 hours ago















up vote
6
down vote

favorite
3












If I install a client certificate in my browser, which websites can see any information about this client certificate or the CA that issued it?



I once visited an ssl diagnostic site that immediately reported back information from one of my client certificates, including my name (which I had put in the CA that issued the client certificate).



This is related to: Protecting information in TLS client certificates
But that's about how the certificate is sent to the website that the certificate is intended for. I'm asking about unrelated websites.






certificates certificate-authority







share|improve this question









New contributor




user13097 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • I can't reproduce this behaviour (see below). Can you add more details about your setup? In particular, which browser you're using?
    – Mike Ounsworth
    3 hours ago













up vote
6
down vote

favorite
3









up vote
6
down vote

favorite
3






3





If I install a client certificate in my browser, which websites can see any information about this client certificate or the CA that issued it?



I once visited an ssl diagnostic site that immediately reported back information from one of my client certificates, including my name (which I had put in the CA that issued the client certificate).



This is related to: Protecting information in TLS client certificates
But that's about how the certificate is sent to the website that the certificate is intended for. I'm asking about unrelated websites.






certificates certificate-authority







share|improve this question









New contributor




user13097 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











If I install a client certificate in my browser, which websites can see any information about this client certificate or the CA that issued it?



I once visited an ssl diagnostic site that immediately reported back information from one of my client certificates, including my name (which I had put in the CA that issued the client certificate).



This is related to: Protecting information in TLS client certificates
But that's about how the certificate is sent to the website that the certificate is intended for. I'm asking about unrelated websites.






certificates certificate-authority




certificates certificate-authority






share|improve this question









New contributor




user13097 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




user13097 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 4 hours ago





















New contributor




user13097 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 4 hours ago









user13097

312




312




New contributor




user13097 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





user13097 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






user13097 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • I can't reproduce this behaviour (see below). Can you add more details about your setup? In particular, which browser you're using?
    – Mike Ounsworth
    3 hours ago


















  • I can't reproduce this behaviour (see below). Can you add more details about your setup? In particular, which browser you're using?
    – Mike Ounsworth
    3 hours ago
















I can't reproduce this behaviour (see below). Can you add more details about your setup? In particular, which browser you're using?
– Mike Ounsworth
3 hours ago




I can't reproduce this behaviour (see below). Can you add more details about your setup? In particular, which browser you're using?
– Mike Ounsworth
3 hours ago










1 Answer
1






active

oldest

votes

















up vote
4
down vote













Interesting question! I just so happen to have a browser full of test certs, and a number of test sites to connect to! Let's test this!



(Skip to the bottom for a summary)



Investigation



Testing on Firefox



Firefox loaded with certs, a test site that requires a TLS client cert, Wireshark.



I restarted Firefox to get a clean session. Then I entered the URL of a website that will ask for a TLS client cert, and stopped once I got the "Please choose a certificate" popup. This is the wireshark packet capture up to that point:



Wireshark packet capture of a mutual-auth TLS handshake from Firefox



Things to note:



The client sends a generic ClientHello.



The server sends a ServerHello that includes the server cert, and a request for a client cert.



At this point Firefox presents the popup for me to select which cert I wish to send. If I hit Cancel, then there is no further network traffic, ie nothing is sent to the server beyond the generic ClientHello which contains no personally identifiable information. (apart from the list of supported cipher suites, which could be used to determine which version of which browser you're using)



Note1: I tried the same test with only one client cert in my browser, and I even clicked "Remember this decision" on the cert selection popup, and get the same result. So I am unable to reproduce your result of private data being sent to the server without me clicking "OK".



Note2: As pointed out by @JohnWu in comments, you can change Firefox's behaviour in settings in which case it behaves in the same insecure way as Chrome below. Default setting is:



Firefox default setting for whether to prompt you for a certificate or to select one for you



Testing on Chrome



Exactly the same test scenario as above, but with Chrome. (Note that Chrome does not have its own cert store, but instead uses your Windows cert store, which is a bit trickier to manipulate than Firefox. Details for that not included here.)



BINGO!! Chrome immediately starts sending client certs up to the server without any user prompts. This cert got rejected by the server cause that cert was for a different website. Yup, that's a privacy concern alright.



Wireshark packet capture of a mutual-auth TLS handshake from Chrome



Summary



In my testing with the two browsers that I have in my test environment (Firefox and Chrome), Chrome exihited the behaviour you describe (spamming client certs at the server regardless of whether they are from a different site), while Firefox politely asked me to confirm which cert to send, even when I only had one cert installed.



Conclusion: If you care about privacy, then Chrome is not your friend. Use Firefox instead.






share|improve this answer























  • Every once in a while there is a question here where I'm not sure there is a clear answer but it needs testing. I'm very, very curious to see what further testing reveals.
    – schroeder
    3 hours ago






  • 1




    On it! Hold tight! More edits incoming.
    – Mike Ounsworth
    3 hours ago








  • 1




    @schroeder Huzzah! Answer: if you're a fan of privacy, then Chrome is not your friend.
    – Mike Ounsworth
    3 hours ago










  • Awesome work! Care to test any other browsers? Got a blog to post this research to (and reference sec.se)?
    – schroeder
    3 hours ago










  • @schroeder heh, sadly no to all. It is however, time to make dinner :P
    – Mike Ounsworth
    3 hours ago











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});






user13097 is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f199515%2fdoes-a-client-certificate-identify-the-owner-to-unrelated-websites%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
4
down vote













Interesting question! I just so happen to have a browser full of test certs, and a number of test sites to connect to! Let's test this!



(Skip to the bottom for a summary)



Investigation



Testing on Firefox



Firefox loaded with certs, a test site that requires a TLS client cert, Wireshark.



I restarted Firefox to get a clean session. Then I entered the URL of a website that will ask for a TLS client cert, and stopped once I got the "Please choose a certificate" popup. This is the wireshark packet capture up to that point:



Wireshark packet capture of a mutual-auth TLS handshake from Firefox



Things to note:



The client sends a generic ClientHello.



The server sends a ServerHello that includes the server cert, and a request for a client cert.



At this point Firefox presents the popup for me to select which cert I wish to send. If I hit Cancel, then there is no further network traffic, ie nothing is sent to the server beyond the generic ClientHello which contains no personally identifiable information. (apart from the list of supported cipher suites, which could be used to determine which version of which browser you're using)



Note1: I tried the same test with only one client cert in my browser, and I even clicked "Remember this decision" on the cert selection popup, and get the same result. So I am unable to reproduce your result of private data being sent to the server without me clicking "OK".



Note2: As pointed out by @JohnWu in comments, you can change Firefox's behaviour in settings in which case it behaves in the same insecure way as Chrome below. Default setting is:



Firefox default setting for whether to prompt you for a certificate or to select one for you



Testing on Chrome



Exactly the same test scenario as above, but with Chrome. (Note that Chrome does not have its own cert store, but instead uses your Windows cert store, which is a bit trickier to manipulate than Firefox. Details for that not included here.)



BINGO!! Chrome immediately starts sending client certs up to the server without any user prompts. This cert got rejected by the server cause that cert was for a different website. Yup, that's a privacy concern alright.



Wireshark packet capture of a mutual-auth TLS handshake from Chrome



Summary



In my testing with the two browsers that I have in my test environment (Firefox and Chrome), Chrome exihited the behaviour you describe (spamming client certs at the server regardless of whether they are from a different site), while Firefox politely asked me to confirm which cert to send, even when I only had one cert installed.



Conclusion: If you care about privacy, then Chrome is not your friend. Use Firefox instead.






share|improve this answer























  • Every once in a while there is a question here where I'm not sure there is a clear answer but it needs testing. I'm very, very curious to see what further testing reveals.
    – schroeder
    3 hours ago






  • 1




    On it! Hold tight! More edits incoming.
    – Mike Ounsworth
    3 hours ago








  • 1




    @schroeder Huzzah! Answer: if you're a fan of privacy, then Chrome is not your friend.
    – Mike Ounsworth
    3 hours ago










  • Awesome work! Care to test any other browsers? Got a blog to post this research to (and reference sec.se)?
    – schroeder
    3 hours ago










  • @schroeder heh, sadly no to all. It is however, time to make dinner :P
    – Mike Ounsworth
    3 hours ago















up vote
4
down vote













Interesting question! I just so happen to have a browser full of test certs, and a number of test sites to connect to! Let's test this!



(Skip to the bottom for a summary)



Investigation



Testing on Firefox



Firefox loaded with certs, a test site that requires a TLS client cert, Wireshark.



I restarted Firefox to get a clean session. Then I entered the URL of a website that will ask for a TLS client cert, and stopped once I got the "Please choose a certificate" popup. This is the wireshark packet capture up to that point:



Wireshark packet capture of a mutual-auth TLS handshake from Firefox



Things to note:



The client sends a generic ClientHello.



The server sends a ServerHello that includes the server cert, and a request for a client cert.



At this point Firefox presents the popup for me to select which cert I wish to send. If I hit Cancel, then there is no further network traffic, ie nothing is sent to the server beyond the generic ClientHello which contains no personally identifiable information. (apart from the list of supported cipher suites, which could be used to determine which version of which browser you're using)



Note1: I tried the same test with only one client cert in my browser, and I even clicked "Remember this decision" on the cert selection popup, and get the same result. So I am unable to reproduce your result of private data being sent to the server without me clicking "OK".



Note2: As pointed out by @JohnWu in comments, you can change Firefox's behaviour in settings in which case it behaves in the same insecure way as Chrome below. Default setting is:



Firefox default setting for whether to prompt you for a certificate or to select one for you



Testing on Chrome



Exactly the same test scenario as above, but with Chrome. (Note that Chrome does not have its own cert store, but instead uses your Windows cert store, which is a bit trickier to manipulate than Firefox. Details for that not included here.)



BINGO!! Chrome immediately starts sending client certs up to the server without any user prompts. This cert got rejected by the server cause that cert was for a different website. Yup, that's a privacy concern alright.



Wireshark packet capture of a mutual-auth TLS handshake from Chrome



Summary



In my testing with the two browsers that I have in my test environment (Firefox and Chrome), Chrome exihited the behaviour you describe (spamming client certs at the server regardless of whether they are from a different site), while Firefox politely asked me to confirm which cert to send, even when I only had one cert installed.



Conclusion: If you care about privacy, then Chrome is not your friend. Use Firefox instead.






share|improve this answer























  • Every once in a while there is a question here where I'm not sure there is a clear answer but it needs testing. I'm very, very curious to see what further testing reveals.
    – schroeder
    3 hours ago






  • 1




    On it! Hold tight! More edits incoming.
    – Mike Ounsworth
    3 hours ago








  • 1




    @schroeder Huzzah! Answer: if you're a fan of privacy, then Chrome is not your friend.
    – Mike Ounsworth
    3 hours ago










  • Awesome work! Care to test any other browsers? Got a blog to post this research to (and reference sec.se)?
    – schroeder
    3 hours ago










  • @schroeder heh, sadly no to all. It is however, time to make dinner :P
    – Mike Ounsworth
    3 hours ago













up vote
4
down vote










up vote
4
down vote









Interesting question! I just so happen to have a browser full of test certs, and a number of test sites to connect to! Let's test this!



(Skip to the bottom for a summary)



Investigation



Testing on Firefox



Firefox loaded with certs, a test site that requires a TLS client cert, Wireshark.



I restarted Firefox to get a clean session. Then I entered the URL of a website that will ask for a TLS client cert, and stopped once I got the "Please choose a certificate" popup. This is the wireshark packet capture up to that point:



Wireshark packet capture of a mutual-auth TLS handshake from Firefox



Things to note:



The client sends a generic ClientHello.



The server sends a ServerHello that includes the server cert, and a request for a client cert.



At this point Firefox presents the popup for me to select which cert I wish to send. If I hit Cancel, then there is no further network traffic, ie nothing is sent to the server beyond the generic ClientHello which contains no personally identifiable information. (apart from the list of supported cipher suites, which could be used to determine which version of which browser you're using)



Note1: I tried the same test with only one client cert in my browser, and I even clicked "Remember this decision" on the cert selection popup, and get the same result. So I am unable to reproduce your result of private data being sent to the server without me clicking "OK".



Note2: As pointed out by @JohnWu in comments, you can change Firefox's behaviour in settings in which case it behaves in the same insecure way as Chrome below. Default setting is:



Firefox default setting for whether to prompt you for a certificate or to select one for you



Testing on Chrome



Exactly the same test scenario as above, but with Chrome. (Note that Chrome does not have its own cert store, but instead uses your Windows cert store, which is a bit trickier to manipulate than Firefox. Details for that not included here.)



BINGO!! Chrome immediately starts sending client certs up to the server without any user prompts. This cert got rejected by the server cause that cert was for a different website. Yup, that's a privacy concern alright.



Wireshark packet capture of a mutual-auth TLS handshake from Chrome



Summary



In my testing with the two browsers that I have in my test environment (Firefox and Chrome), Chrome exihited the behaviour you describe (spamming client certs at the server regardless of whether they are from a different site), while Firefox politely asked me to confirm which cert to send, even when I only had one cert installed.



Conclusion: If you care about privacy, then Chrome is not your friend. Use Firefox instead.






share|improve this answer














Interesting question! I just so happen to have a browser full of test certs, and a number of test sites to connect to! Let's test this!



(Skip to the bottom for a summary)



Investigation



Testing on Firefox



Firefox loaded with certs, a test site that requires a TLS client cert, Wireshark.



I restarted Firefox to get a clean session. Then I entered the URL of a website that will ask for a TLS client cert, and stopped once I got the "Please choose a certificate" popup. This is the wireshark packet capture up to that point:



Wireshark packet capture of a mutual-auth TLS handshake from Firefox



Things to note:



The client sends a generic ClientHello.



The server sends a ServerHello that includes the server cert, and a request for a client cert.



At this point Firefox presents the popup for me to select which cert I wish to send. If I hit Cancel, then there is no further network traffic, ie nothing is sent to the server beyond the generic ClientHello which contains no personally identifiable information. (apart from the list of supported cipher suites, which could be used to determine which version of which browser you're using)



Note1: I tried the same test with only one client cert in my browser, and I even clicked "Remember this decision" on the cert selection popup, and get the same result. So I am unable to reproduce your result of private data being sent to the server without me clicking "OK".



Note2: As pointed out by @JohnWu in comments, you can change Firefox's behaviour in settings in which case it behaves in the same insecure way as Chrome below. Default setting is:



Firefox default setting for whether to prompt you for a certificate or to select one for you



Testing on Chrome



Exactly the same test scenario as above, but with Chrome. (Note that Chrome does not have its own cert store, but instead uses your Windows cert store, which is a bit trickier to manipulate than Firefox. Details for that not included here.)



BINGO!! Chrome immediately starts sending client certs up to the server without any user prompts. This cert got rejected by the server cause that cert was for a different website. Yup, that's a privacy concern alright.



Wireshark packet capture of a mutual-auth TLS handshake from Chrome



Summary



In my testing with the two browsers that I have in my test environment (Firefox and Chrome), Chrome exihited the behaviour you describe (spamming client certs at the server regardless of whether they are from a different site), while Firefox politely asked me to confirm which cert to send, even when I only had one cert installed.



Conclusion: If you care about privacy, then Chrome is not your friend. Use Firefox instead.







share|improve this answer














share|improve this answer



share|improve this answer








edited 28 mins ago

























answered 3 hours ago









Mike Ounsworth

38k1491135




38k1491135












  • Every once in a while there is a question here where I'm not sure there is a clear answer but it needs testing. I'm very, very curious to see what further testing reveals.
    – schroeder
    3 hours ago






  • 1




    On it! Hold tight! More edits incoming.
    – Mike Ounsworth
    3 hours ago








  • 1




    @schroeder Huzzah! Answer: if you're a fan of privacy, then Chrome is not your friend.
    – Mike Ounsworth
    3 hours ago










  • Awesome work! Care to test any other browsers? Got a blog to post this research to (and reference sec.se)?
    – schroeder
    3 hours ago










  • @schroeder heh, sadly no to all. It is however, time to make dinner :P
    – Mike Ounsworth
    3 hours ago


















  • Every once in a while there is a question here where I'm not sure there is a clear answer but it needs testing. I'm very, very curious to see what further testing reveals.
    – schroeder
    3 hours ago






  • 1




    On it! Hold tight! More edits incoming.
    – Mike Ounsworth
    3 hours ago








  • 1




    @schroeder Huzzah! Answer: if you're a fan of privacy, then Chrome is not your friend.
    – Mike Ounsworth
    3 hours ago










  • Awesome work! Care to test any other browsers? Got a blog to post this research to (and reference sec.se)?
    – schroeder
    3 hours ago










  • @schroeder heh, sadly no to all. It is however, time to make dinner :P
    – Mike Ounsworth
    3 hours ago
















Every once in a while there is a question here where I'm not sure there is a clear answer but it needs testing. I'm very, very curious to see what further testing reveals.
– schroeder
3 hours ago




Every once in a while there is a question here where I'm not sure there is a clear answer but it needs testing. I'm very, very curious to see what further testing reveals.
– schroeder
3 hours ago




1




1




On it! Hold tight! More edits incoming.
– Mike Ounsworth
3 hours ago






On it! Hold tight! More edits incoming.
– Mike Ounsworth
3 hours ago






1




1




@schroeder Huzzah! Answer: if you're a fan of privacy, then Chrome is not your friend.
– Mike Ounsworth
3 hours ago




@schroeder Huzzah! Answer: if you're a fan of privacy, then Chrome is not your friend.
– Mike Ounsworth
3 hours ago












Awesome work! Care to test any other browsers? Got a blog to post this research to (and reference sec.se)?
– schroeder
3 hours ago




Awesome work! Care to test any other browsers? Got a blog to post this research to (and reference sec.se)?
– schroeder
3 hours ago












@schroeder heh, sadly no to all. It is however, time to make dinner :P
– Mike Ounsworth
3 hours ago




@schroeder heh, sadly no to all. It is however, time to make dinner :P
– Mike Ounsworth
3 hours ago










user13097 is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















user13097 is a new contributor. Be nice, and check out our Code of Conduct.













user13097 is a new contributor. Be nice, and check out our Code of Conduct.












user13097 is a new contributor. Be nice, and check out our Code of Conduct.
















Thanks for contributing an answer to Information Security Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f199515%2fdoes-a-client-certificate-identify-the-owner-to-unrelated-websites%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Le Mesnil-Réaume

Image
Le Mesnil-Réaume Region Normandie Département Seine-Maritime Arrondissement Dieppe Kanton Eu Gemeindeverband Villes Sœurs Koordinaten 49° 58′  N , 1° 27′  O 49.9725 1.4463888888889 Koordinaten: 49° 58′  N , 1° 27′  O Höhe 92–156 m Fläche 5,55 km 2 Einwohner 793 (1. Januar 2016) Bevölkerungsdichte 143 Einw./km 2 Postleitzahl 76260 INSEE-Code 76435 Website http://www.mesnil-reaume.net/ Rathaus (Mairie) und Schule von Le Mesnil-Réaume Le Mesnil-Réaume ist eine französische Gemeinde mit 793 Einwohnern (Stand: 1. Januar 2016) im Département Seine-Maritime in der Region Normandie (vor 2016 Haute-Normandie). Sie gehört zum Arrondissement Dieppe und zum Kanton Eu. Die Einwohner werden Mesnillais genannt. Inhaltsverzeichnis 1 Geographie 2 Bevölkerungsentwicklung 3 Sehenswürdigkeiten 4 Weblinks Geographie | Le Mesnil-Réaume liegt etwa 43 Kilomet
Read more

Ida-Boy-Ed-Garten

Image
Die Lage des Ida-Boy-Ed-Gartens, rot markiert Der Ida-Boy-Ed-Garten Der Ida-Boy-Ed-Garten, Blick von der Wakenitzmauer durch das Tor in der Stadtmauer Der Ida-Boy-Ed-Garten ist eine Straße der Lübecker Altstadt. Inhaltsverzeichnis 1 Lage 2 Geschichte 3 Literatur 4 Weblinks Lage | Der etwa 90 Meter lange Ida-Boy-Ed-Garten befindet sich an der nördlichen Spitze der Altstadtinsel, vor dem Burgtor. Die in einem Bogen durch eine Grünanlage hangaufwärts führende Straße verbindet die Wakenitzmauer mit der Burgtorbrücke. Geschichte | Der heutige Ida-Boy-Ed-Garten wurde ursprünglich als Verlängerung der Wakenitzmauer angelegt. 1903 wurde in den erhaltenen Teil der mittelalterlichen Stadtmauer, an dem die Wakenitzmauer bei der Einmündung der Kaiserstraße begann, ein Tor mit einem großen Bogen für die Durchführung der Straße und zwei kleineren seitlichen Öffnungen für Fußgänger gebrochen, um für die neu errichteten Wohnhäuser in diesem Bereich
Read more

web3.py web3.isConnected() returns false always

Image
1 I am trying an tutorial on web3.py so i created a profile in infura and used its project id.But it shows false always when i try web3.isConnected() PS C:UsersHP> python Python 3.6.3 (v3.6.3:2c5fed8, Oct 3 2017, 18:11:49) [MSC v.1900 64 bit (AMD64)] on win32 Type "help", "copyright", "credits" or "license" for more information. >>> from web3 import Web3 >>> infura_url = "mainnet.infura.io/v3/******************************" >>> web3 = Web3(Web3.HTTPProvider(infura_url)) >>> web3.isConnected() False web3.py share | improve this question
Read more