SslContextConfigurator class
- class V12.FIXAntenna.SslContextConfigurator
SSL context configurator. SslContext uses this class instance to setup SSL configuration (certificates, private keys, ciphers and so on).
- reset() None
Resets configurator internal state if any. This routine is called right before any other routines are called to give configurator a chance to reset its internal state if any from previous configuration rounds and prepare to new one since configurator instance can be reused accross different SSL contexts.
- Returns:
None
- Return type:
None
- get_protocols() int
Returns protocols value to use. See
V12.FIXAntenna.SslContext
PROTOCOL_* constants. If 0 is returned the value passed directly to SslContext constructor is used.- Returns:
Allowed protocols to use.
- Return type:
int
- get_verify_locations() None
Provides location where to search for CA certificates. It is called by both Client and Server contexts. It is used to search for root CA certificates during peer certificate validation.
- Returns:
Returns location where to search for CA certificates.
- Return type:
- get_next_certificate_private_key_pair(index: int) CertificatePrivateKeyPair
Provides next certificate to set. It is called by both Client and Server contexts. Certificate matching against private key is performed for every certificate provided and exception is thrown if mismatch is detected.
- Param:
int index: tracking index
- Returns:
Return next certificate to set
- Return type:
- is_validate_peer_certificate() bool
Returns true if peer certificate has to be validated, false otherwise.
- Returns:
Returns true if peer certificate has to be validated, false otherwise.
- Return type:
bool
- get_ciphers_list() str
Returns ciphers configuration string. See https://www.openssl.org/docs/man1.0.2/apps/ciphers.html for details. If empty string is returned cipher’s list remains untouched and OpenSSL default list is used.
- Returns:
Returns ciphers configuration string.
- Return type:
str
- password_callback(index: int, array_index: int, max_password_size: int) str
This routing is called when password for private key or certificate is required. Certificate matching against private key set before is performed for every certificate provided.
- Parameters:
index (int) – Tracking index of certificate/key pair or -1 if password for CA certificate from
get_client_ca_list()
is requested.array_index (int) – Index of password requested - -1 for private key, 0 for certificate, 1,2,3,… for every certificate from certificate chain array if password is required.
max_password_size (int) – Maximal password length accepted. Return password should not be bigger the this value. All characted above this value will be truncated.
- Returns:
Returns password requested or empty string if no password is provided.
- Return type:
str
- get_client_ca_list() None
Provides data to build acceptable CAs list sent to client.
- Returns:
Returns a
ClientCAList
instance with the data.- Return type:
- lock() None
This routine gets the lock over the object and have to be called when exclusive access to the configurator instance is required.
- Returns:
None
- Return type:
None
- unlock() None
This routine releases the lock over the object and have to be called when no further exclusive access to the configurator instance is required.
- Returns:
None
- Return type:
None