The ssl
module provides SSL contexts to wrap sockets in.
This module implements a subset of the corresponding CPython module,
as described below. For more information, refer to the original
CPython documentation: cpython:ssl
.
Available on these boards
- 01Space 0.42 OLED ESP32C3
- AITHinker ESP32-C3S_Kit
- AITHinker ESP32-C3S_Kit_2M
- ATMegaZero ESP32-S2
- Adafruit Camera
- Adafruit Feather ESP32 V2
- Adafruit Feather ESP32-C6 4MB Flash No PSRAM
- Adafruit Feather ESP32-S2 Reverse TFT
- Adafruit Feather ESP32-S2 TFT
- Adafruit Feather ESP32-S3 Reverse TFT
- Adafruit Feather ESP32-S3 TFT
- Adafruit Feather ESP32S2
- Adafruit Feather ESP32S3 4MB Flash 2MB PSRAM
- Adafruit Feather ESP32S3 No PSRAM
- Adafruit Feather HUZZAH32
- Adafruit FunHouse
- Adafruit HUZZAH32 Breakout
- Adafruit ItsyBitsy ESP32
- Adafruit MagTag
- Adafruit MatrixPortal S3
- Adafruit Metro ESP32S2
- Adafruit Metro ESP32S3
- Adafruit QT Py ESP32 PICO
- Adafruit QT Py ESP32-S3 4MB Flash 2MB PSRAM
- Adafruit QT Py ESP32-S3 no psram
- Adafruit QT Py ESP32C3
- Adafruit QT Py ESP32S2
- Adafruit Vindie S2
- Adafruit-Qualia-S3-RGB666
- Ai Thinker ESP32-CAM
- Arduino Nano ESP32
- Artisense Reference Design RD00
- AutosportLabs-ESP32-CAN-X2
- BARDUINO 4.0.2
- BLING!
- BPI-Bit-S2
- BPI-Leaf-S3
- BPI-PicoW-S3
- BastWiFi
- Bee-Data-Logger
- Bee-Motion-S3
- Bee-S3
- BlizzardS3
- CRCibernetica IdeaBoard
- CircuitART Zero S3
- ColumbiaDSL-Sensor-Board-V1
- CrumpS2
- Cytron EDU PICO W
- Cytron Maker Feather AIoT S3
- DFRobot Beetle ESP32-C3
- DFRobot FireBeetle 2 ESP32-S3
- Deneyap Kart
- Deneyap Kart 1A
- Deneyap Kart 1A v2
- Deneyap Kart G
- Deneyap Mini
- Deneyap Mini v2
- ES3ink
- ESP 12k NodeMCU
- ESP32 Devkit V1
- ESP32-C3-DevKitM-1
- ESP32-C6-DevKitC-1-N8
- ESP32-C6-DevKitM-1
- ESP32-S2-DevKitC-1-N4
- ESP32-S2-DevKitC-1-N4R2
- ESP32-S2-DevKitC-1-N8R2
- ESP32-S3-Box-2.5
- ESP32-S3-Box-Lite
- ESP32-S3-DevKitC-1-N16
- ESP32-S3-DevKitC-1-N32R8
- ESP32-S3-DevKitC-1-N8
- ESP32-S3-DevKitC-1-N8R2
- ESP32-S3-DevKitC-1-N8R8
- ESP32-S3-DevKitC-1-N8R8-with-HACKTABLET
- ESP32-S3-DevKitM-1-N8
- ESP32-S3-EYE
- ESP32-S3-USB-OTG-N8
- ESP8684-DevKitC-02-N4
- Espressif ESP32 DevKitc V4 WROOM-32E
- Espressif ESP32 DevKitc V4 WROVER
- Espressif ESP32 TTGO T8 v1.7
- Espressif ESP32-EYE
- Espressif ESP32-LyraT
- Espressif-ESP32-S3-LCD-EV-Board
- Espressif-ESP32-S3-LCD-EV-Board_v1.5
- FeatherS2
- FeatherS2 Neo
- FeatherS2 PreRelease
- FeatherS3
- FeatherS3 Neo
- Flipper Zero Wi-Fi Dev
- Franzininho WIFI w/Wroom
- Franzininho WIFI w/Wrover
- Freenove ESP32-WROVER-DEV-CAM
- Gravitech Cucumber M
- Gravitech Cucumber MS
- Gravitech Cucumber R
- Gravitech Cucumber RS
- HMI-DevKit-1.1
- Hardkernel Odroid Go
- Heltec ESP32-S3-WIFI-LoRa-V3
- HexKyS2
- IoTs2
- Kaluga 1
- LILYGO T-DECK
- LILYGO T-DISPLAY S3 v1.2
- LILYGO T-Display S3 Pro
- LILYGO T-Watch-S3
- LILYGO TEMBED ESP32S3
- LILYGO TTGO T-01C3
- LILYGO TTGO T-DISPLAY v1.1
- LILYGO TTGO T-DISPLAY v1.1 4M
- LILYGO TTGO T-OI PLUS
- LILYGO TTGO T8 ESP32-S2
- LILYGO TTGO T8 ESP32-S2 w/Display
- LOLIN S3 16MB Flash 8MB PSRAM
- LOLIN S3 MINI 4MB Flash 2MB PSRAM
- LOLIN S3 PRO 16MB Flash 8MB PSRAM
- Lilygo T-watch 2020 V3
- Luatos Core-ESP32C3
- M5STACK STAMP-C3
- M5Stack Atom Echo
- M5Stack Atom Lite
- M5Stack Atom Matrix
- M5Stack Atom U
- M5Stack AtomS3
- M5Stack AtomS3 Lite
- M5Stack AtomS3U
- M5Stack Cardputer
- M5Stack Core Basic
- M5Stack Core Fire
- M5Stack Core2
- M5Stack CoreS3
- M5Stack Dial
- M5Stack M5Paper
- M5Stack Stick C
- M5Stack Stick C Plus
- M5Stack Timer Camera X
- MORPHEANS MorphESP-240
- MagiClick S3 N4R2
- Maker Go ESP32C3 Supermini
- Maker Go ESP32C6 Supermini
- Maker badge by Czech maker
- MakerFabs-ESP32-S3-Parallel-TFT-With-Touch-7inch
- MicroDev microC3
- MicroDev microS2
- MixGo CE
- NanoS3
- Neuron
- NodeMcu-ESP32-C2
- OMGS3
- Oak Dev Tech PixelWing ESP32S2
- Oxocard Artwork
- Oxocard Connect
- Oxocard Galaxy
- Oxocard Science
- Pajenicko PicoPad
- Pimoroni Badger 2040 W
- Pimoroni Inky Frame 5.7
- Pimoroni Inky Frame 7.3
- Pimoroni Pico DV Base W
- Pimoroni Plasma 2040W
- ProS3
- RGBTouch Mini
- Raspberry Pi Pico W
- S2Mini
- S2Pico
- SQFMI Watchy
- Saola 1 w/Wroom
- Saola 1 w/Wrover
- Seeed Studio XIAO ESP32C3
- Seeed Xiao ESP32-C6 4MB Flash 512KB SRAM
- Seeed Xiao ESP32-S3 Sense
- Spotpear ESP32C3 LCD 1.44
- Sunton ESP32-2424S012
- Sunton-ESP32-8048S050
- Sunton-ESP32-8048S070
- TTGO T8 ESP32-S2-WROOM
- Targett Module Clip w/Wroom
- Targett Module Clip w/Wrover
- ThingPulse Pendrive S3
- TinyC6
- TinyPICO
- TinyPICO Nano
- TinyS2
- TinyS3
- TinyWATCH S3
- VCC-GND YD-ESP32-S3 (N16R8)
- VCC-GND YD-ESP32-S3 (N8R8)
- VIDI X V1.1
- W5500-EVB-Pico
- Waveshare ESP32-S2-Pico
- Waveshare ESP32-S2-Pico-LCD
- Waveshare ESP32-S3-GEEK
- Waveshare ESP32-S3-Pico
- Waveshare ESP32-S3-Tiny
- Waveshare ESP32-S3-Zero
- Waveshare ESP32S3 LCD 1.28
- WeAct ESP32-C6 (4MB)
- WeAct ESP32-C6 (8MB)
- WeMos LOLIN32 Lite
- Wemos Lolin C3 Mini
- Wemos Lolin C3 Pico
- nanoESP32-S2 w/Wrover
- nanoESP32-S2 w/Wroom
- senseBox MCU-S2 ESP32S2
- sunton_esp32_2432S028
- sunton_esp32_2432S032C
-
ssl.create_default_context() → SSLContext
Return the default SSLContext.
-
class ssl.SSLContext
Settings related to SSL that can be applied to a socket by wrapping it.
This is useful to provide SSL certificates to specific connections
rather than all of them.
-
load_cert_chain(certfile: str, keyfile: str) → None
Load a private key and the corresponding certificate.
The certfile string must be the path to a single file in PEM format
containing the certificate as well as any number of CA certificates
needed to establish the certificate’s authenticity. The keyfile string
must point to a file containing the private key.
-
load_verify_locations(cafile: str | None = None, capath: str | None = None, cadata: str | None = None) → None
Load a set of certification authority (CA) certificates used to validate
other peers’ certificates.
- Parameters:
cafile (str) – path to a file of contcatenated CA certificates in PEM format. Not implemented.
capath (str) – path to a directory of CA certificate files in PEM format. Not implemented.
cadata (str) – A single CA certificate in PEM format. Limitation: CPython allows one
or more certificates, but this implementation is limited to one.
-
set_default_verify_paths() → None
Load a set of default certification authority (CA) certificates.
-
check_hostname: bool
Whether to match the peer certificate’s hostname.
-
wrap_socket(sock: socketpool.Socket, *, server_side: bool = False, server_hostname: str | None = None) → SSLSocket
Wraps the socket into a socket-compatible class that handles SSL negotiation.
The socket must be of type SOCK_STREAM.
-
class ssl.SSLSocket
Implements TLS security on a subset of socketpool.Socket
functions. Cannot be created
directly. Instead, call wrap_socket
on an existing socket object.
Provides a subset of CPython’s ssl.SSLSocket
API. It only implements the versions of
recv that do not allocate bytes objects.
-
__hash__() → int
Returns a hash for the Socket.
-
__enter__() → SSLSocket
No-op used by Context Managers.
-
__exit__() → None
Automatically closes the Socket when exiting a context. See
Lifetime and ContextManagers for more info.
-
accept() → Tuple[SSLSocket, Tuple[str, int]]
Accept a connection on a listening socket of type SOCK_STREAM,
creating a new socket of type SOCK_STREAM.
Returns a tuple of (new_socket, remote_address)
-
bind(address: Tuple[str, int]) → None
Bind a socket to an address
- Parameters:
address (~tuple) – tuple of (remote_address, remote_port)
-
close() → None
Closes this Socket
-
connect(address: Tuple[str, int]) → None
Connect a socket to a remote address
- Parameters:
address (~tuple) – tuple of (remote_address, remote_port)
-
listen(backlog: int) → None
Set socket to listen for incoming connections
- Parameters:
backlog (~int) – length of backlog queue for waiting connetions
-
recv_into(buffer: circuitpython_typing.WriteableBuffer, bufsize: int) → int
Reads some bytes from the connected remote address, writing
into the provided buffer. If bufsize <= len(buffer) is given,
a maximum of bufsize bytes will be read into the buffer. If no
valid value is given for bufsize, the default is the length of
the given buffer.
Suits sockets of type SOCK_STREAM
Returns an int of number of bytes read.
- Parameters:
buffer (bytearray) – buffer to receive into
bufsize (int) – optionally, a maximum number of bytes to read.
-
send(bytes: circuitpython_typing.ReadableBuffer) → int
Send some bytes to the connected remote address.
Suits sockets of type SOCK_STREAM
- Parameters:
bytes (~bytes) – some bytes to send
-
settimeout(value: int) → None
Set the timeout value for this socket.
- Parameters:
value (~int) – timeout in seconds. 0 means non-blocking. None means block indefinitely.
-
setblocking(flag: bool) → int | None
Set the blocking behaviour of this socket.
- Parameters:
flag (~bool) – False means non-blocking, True means block indefinitely.