ssl.OP_NO_TLSv1

ssl.OP_NO_TLSv1 Prevents a TLSv1 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1 as the protocol version. New in version 3.2.

ssl.MemoryBIO.write()

write(buf) Write the bytes from buf to the memory BIO. The buf argument must be an object supporting the buffer protocol. The return value is the number of bytes written, which is always equal to the length of buf.

ssl.MemoryBIO.eof

eof A boolean indicating whether the memory BIO is current at the end-of-file position.

ssl.MemoryBIO.read()

read(n=-1) Read up to n bytes from the memory buffer. If n is not specified or negative, all bytes are returned.

ssl.MemoryBIO.write_eof()

write_eof() Write an EOF marker to the memory BIO. After this method has been called, it is illegal to call write(). The attribute eof will become true after all data currently in the buffer has been read.

ssl.MemoryBIO.pending

pending Return the number of bytes currently in the memory buffer.

ssl.MemoryBIO

class ssl.MemoryBIO A memory buffer that can be used to pass data between Python and an SSL protocol instance. pending Return the number of bytes currently in the memory buffer. eof A boolean indicating whether the memory BIO is current at the end-of-file position. read(n=-1) Read up to n bytes from the memory buffer. If n is not specified or negative, all bytes are returned. write(buf) Write the bytes from buf to the memory BIO. The buf argument must be an object suppor

ssl.get_server_certificate()

ssl.get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None) Given the address addr of an SSL-protected server, as a (hostname, port-number) pair, fetches the server’s certificate, and returns it as a PEM-encoded string. If ssl_version is specified, uses that version of the SSL protocol to attempt to connect to the server. If ca_certs is specified, it should be a file containing a list of root certificates, the same format as used for the same parameter in wrap_socket(). The

ssl.match_hostname()

ssl.match_hostname(cert, hostname) Verify that cert (in decoded format as returned by SSLSocket.getpeercert()) matches the given hostname. The rules applied are those for checking the identity of HTTPS servers as outlined in RFC 2818 and RFC 6125. In addition to HTTPS, this function should be suitable for checking the identity of servers in various SSL-based protocols such as FTPS, IMAPS, POPS and others. CertificateError is raised on failure. On success, the function returns nothing: >&g

ssl.enum_crls()

ssl.enum_crls(store_name) Retrieve CRLs from Windows’ system cert store. store_name may be one of CA, ROOT or MY. Windows may provide additional cert stores, too. The function returns a list of (cert_bytes, encoding_type, trust) tuples. The encoding_type specifies the encoding of cert_bytes. It is either x509_asn for X.509 ASN.1 data or pkcs_7_asn for PKCS#7 ASN.1 data. Availability: Windows. New in version 3.4.