ssl.RAND_add()

ssl.RAND_add(bytes, entropy) Mix the given bytes into the SSL pseudo-random number generator. The parameter entropy (a float) is a lower bound on the entropy contained in string (so you can always use 0.0). See RFC 1750 for more information on sources of entropy. Changed in version 3.5: Writable bytes-like object is now accepted.

ssl.PROTOCOL_TLSv1

ssl.PROTOCOL_TLSv1 Selects TLS version 1.0 as the channel encryption protocol.

ssl.OP_NO_TLSv1_2

ssl.OP_NO_TLSv1_2 Prevents a TLSv1.2 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1.2 as the protocol version. Available only with openssl version 1.0.1+. New in version 3.4.

ssl.PROTOCOL_SSLv2

ssl.PROTOCOL_SSLv2 Selects SSL version 2 as the channel encryption protocol. This protocol is not available if OpenSSL is compiled with the OPENSSL_NO_SSL2 flag. Warning SSL version 2 is insecure. Its use is highly discouraged.

ssl.PROTOCOL_SSLv3

ssl.PROTOCOL_SSLv3 Selects SSL version 3 as the channel encryption protocol. This protocol is not be available if OpenSSL is compiled with the OPENSSL_NO_SSLv3 flag. Warning SSL version 3 is insecure. Its use is highly discouraged.

ssl.PROTOCOL_SSLv23

ssl.PROTOCOL_SSLv23 Selects the highest protocol version that both the client and server support. Despite the name, this option can select “TLS” protocols as well as “SSL”.

ssl.PEM_cert_to_DER_cert()

ssl.PEM_cert_to_DER_cert(PEM_cert_string) Given a certificate as an ASCII PEM string, returns a DER-encoded sequence of bytes for that same certificate.

ssl.OP_NO_TLSv1

ssl.OP_NO_TLSv1 Prevents a TLSv1 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1 as the protocol version. New in version 3.2.

ssl.OP_NO_SSLv2

ssl.OP_NO_SSLv2 Prevents an SSLv2 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing SSLv2 as the protocol version. New in version 3.2.

ssl.OP_NO_TLSv1_1

ssl.OP_NO_TLSv1_1 Prevents a TLSv1.1 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1.1 as the protocol version. Available only with openssl version 1.0.1+. New in version 3.4.