twisted.internet.ssl.optionsForClientTLS(hostname, trustRoot=None, clientCertificate=None, acceptableProtocols=None, **kw)
function documentationtwisted.internet.ssl
View Source
Create a client
connection creator
for use with APIs such as SSL4ClientEndpoint
,
connectSSL
,
and startTLS
.
Parameters | hostname | The expected name of the remote host. This serves two purposes: first, and
most importantly, it verifies that the certificate received from the server
correctly identifies the specified hostname. The second purpose is to use
the Server Name Indication extension to indicate to the
server which certificate should be used. (type: unicode ) |
trustRoot | Specification of trust requirements of peers. This may be a Certificate
or the result of platformTrust .
By default it is platformTrust
and you probably shouldn't adjust it unless you really know what you're
doing. Be aware that clients using this interface must verify the
server; you cannot explicitly pass None
since that just means to use platformTrust . (type: IOpenSSLTrustRoot ) | |
clientCertificate | The certificate and private key that the client will use to authenticate to
the server. If unspecified, the client will not authenticate. (type: PrivateCertificate ) | |
acceptableProtocols | The protocols this peer is willing to speak after the TLS negotiation has
completed, advertised over both ALPN and NPN. If this argument is
specified, and no overlap can be found with the other peer, the connection
will fail to be established. If the remote peer does not offer NPN or ALPN,
the connection will be established, but no protocol wil be negotiated.
Protocols earlier in the list are preferred over those later in the list. (type: list
of bytes ) | |
extraCertificateOptions | keyword-only argument; this is a dictionary of additional keyword arguments
to be presented to CertificateOptions .
Please avoid using this unless you absolutely need to; any time you need to
pass an option here that is a bug in this interface. (type: dict ) | |
kw | (Backwards compatibility hack to allow keyword-only arguments on Python 2.
Please ignore; arbitrary keyword arguments will be errors.) (type: dict ) | |
Returns | A client connection creator. (type: IOpenSSLClientConnectionCreator ) | |
Present Since | 14.0 |