SSLContext() Method Of SSLContext Class In Python

Method Name:

SSLContext

Method Signature:

SSLContext(protocol=ssl.PROTOCOL_TLS)

Parameters:

protocol – The SSL version to be used.

Return Value:

An object of type SSLContext.

Overview:

  • In a Python program, an instance of the class ssl.SSLContext acts as a placeholder where the policies and artifacts related to the secure communication of a client or a server can be stored.
  • Creating an SSLContext instance is generally the first step in any SSL-based server or client.

Example:

# Example Python program that creates an SSLContext
# which is used to create an SSLSocket
import socket
import ssl
import os
import certifi

# Create an SSLContext instance. PROTOCOL_TLS negotiates the highest
# TLS version that both the client and the server support
sslSettings = ssl.SSLContext(ssl.PROTOCOL_TLS)

# Require a certificate from the peer and match it against the host name.
# PROTOCOL_TLS leaves check_hostname off by default, so it is enabled here
sslSettings.verify_mode = ssl.CERT_REQUIRED
sslSettings.check_hostname = True

# Load the CA certificates used for validating the peer's certificate
sslSettings.load_verify_locations(cafile=os.path.relpath(certifi.where()),
                                  capath=None,
                                  cadata=None)

# Create a connection oriented socket
con_socket = socket.socket()

# Make SSLSocket from the connection oriented socket.
# server_hostname is required when check_hostname is enabled
sslSocket = sslSettings.wrap_socket(con_socket, server_hostname="example.net")

# wrap_socket() detaches the original socket object, so closing it
# does not affect sslSocket
con_socket.close()

# Connect to a server using TLS
sslSocket.connect(("example.net", 443))

print("SSLContext object:")
print(sslSettings)

# Get the context from SSLSocket and print
print("SSLContext object obtained from SSLSocket:")
context = sslSocket.context
print(context)

print("The type of the secure socket created:")
print(sslSocket.context.sslsocket_class)

print("Maximum version of the TLS:")
print(sslSocket.context.maximum_version)

print("Minimum version of the TLS:")
print(sslSocket.context.minimum_version)

print("SSL options enabled in the context object:")
print(sslSocket.context.options)

print("Protocol set in the context:")
print(sslSocket.context.protocol)

print("Verify flags for certificates:")
print(sslSocket.context.verify_flags)

print("Verification mode(how to validate peer's certificate and handle failures if any):")
print(sslSocket.context.verify_mode)

# Do SSL shutdown handshake
sslSocket.unwrap()

# Close the SSLSocket instance
sslSocket.close()

 

Output:

SSLContext object:
<ssl.SSLContext object at 0x107d11d40>
SSLContext object obtained from SSLSocket:
<ssl.SSLContext object at 0x107d11d40>
The type of the secure socket created:
<class 'ssl.SSLSocket'>
Maximum version of the TLS:
TLSVersion.MAXIMUM_SUPPORTED
Minimum version of the TLS:
TLSVersion.MINIMUM_SUPPORTED
SSL options enabled in the context object:
Options.OP_ALL|OP_NO_SSLv3|OP_CIPHER_SERVER_PREFERENCE|OP_ENABLE_MIDDLEBOX_COMPAT|OP_NO_COMPRESSION
Protocol set in the context:
_SSLMethod.PROTOCOL_TLS
Verify flags for certificates:
VerifyFlags.VERIFY_X509_TRUSTED_FIRST
Verification mode(how to validate peer's certificate and handle failures if any):
VerifyMode.CERT_REQUIRED
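
Added example (not part of the original page): an offline audit of the policy an SSLContext holds, comparing a context created with ssl.PROTOCOL_TLS and only verify_mode set against one created with ssl.PROTOCOL_TLS_CLIENT. The function names are hypothetical and no network connection is made.

```python
import socket
import ssl
import warnings

def legacy_context():
    """PROTOCOL_TLS with only verify_mode set; check_hostname keeps its default (False)."""
    with warnings.catch_warnings():
        # PROTOCOL_TLS is deprecated in recent Python versions
        warnings.simplefilter("ignore", DeprecationWarning)
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS)
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

def hardened_client_context():
    """PROTOCOL_TLS_CLIENT enables CERT_REQUIRED and check_hostname by default."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def audit_client_context(ctx):
    """Return findings for settings that weaken server authentication."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode: peer certificate is not required")
    if not ctx.check_hostname:
        findings.append("check_hostname: certificate is not matched to the host name")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version: protocols older than TLS 1.2 are allowed")
    return findings

def wrap_requires_hostname(ctx):
    """True if wrap_socket() refuses a client socket without server_hostname."""
    with socket.socket() as sock:
        try:
            # Unconnected socket: no handshake happens, only the policy check
            ctx.wrap_socket(sock).close()
        except ValueError:
            return True
    return False

if __name__ == "__main__":
    for name, ctx in (("legacy", legacy_context()),
                      ("hardened", hardened_client_context())):
        print(name, audit_client_context(ctx) or "no findings",
              "| server_hostname enforced:", wrap_requires_hostname(ctx))
```

The minimum_version finding for the legacy context depends on the Python and OpenSSL build, since newer releases raise the default floor.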


Copyright 2023 © pythontic.com