The SSLContext class in Python

Overview:

  • The artifacts and policies required to establish a TLS (still often called SSL) connection with a peer can all be kept in one place, generally an object of the class SSLContext.
  • For example, a client using TLS to connect to a server can assign the value ssl.CERT_REQUIRED to the verify_mode attribute of an SSLContext object. This requires the server to send its certificate to the client and requires that certificate to be validated.
  • Similarly, setting SSLContext.check_hostname requires that the hostname in the peer's certificate match the peer's hostname.
  • In addition to the security policies of a TLS client or TLS server program, the artifacts required to enforce those policies, such as CA certificates, host certificates and private keys, can also be stored in an SSLContext object.
  • An SSLContext also performs another important task: creating an SSLSocket from a socket object.
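
The settings listed above, put together as an added example (not code from the original page): a strict client context, a small audit of a context's policy, the weak configuration to look for in review, and the creation of an SSLSocket from a plain socket. The function names and the hostname example.com are assumptions made for illustration.

```python
import socket
import ssl


def make_client_context(cafile=None):
    """Build a client-side context holding both the policy and the trust anchors."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Policy: the server must present a certificate that validates ...
    ctx.verify_mode = ssl.CERT_REQUIRED
    # ... and the certificate must be issued for the name we asked for.
    ctx.check_hostname = True
    # Artifacts: CA certificates used to validate the server's chain.
    if cafile is not None:
        ctx.load_verify_locations(cafile=cafile)
    else:
        ctx.load_default_certs()
    return ctx


def audit_context(ctx):
    """Return findings for a client context; an empty list means the policy is strict."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: server certificate not validated")
    if not ctx.check_hostname:
        findings.append("check_hostname is False: certificate name not matched to host")
    return findings


def make_weak_context():
    """The configuration to look for in review: validation switched off."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Order matters: check_hostname must be disabled first, otherwise
    # assigning CERT_NONE raises ValueError.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def wrap_unconnected(ctx, hostname):
    """Create an SSLSocket from a plain socket; the handshake runs later, on connect()."""
    raw = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tls = ctx.wrap_socket(raw, server_hostname=hostname)
    try:
        return isinstance(tls, ssl.SSLSocket), tls.server_hostname
    finally:
        tls.close()
```

With check_hostname enabled, wrap_socket must be given server_hostname; that name is what the peer's certificate is compared against during the handshake.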

Copyright 2024 © pythontic.com