ssl

The ssl module provides SSL contexts to wrap sockets in.

This module implements a subset of the corresponding CPython module, as described below. For more information, refer to the original CPython documentation: ssl.

Available on these boards
  • AITHinker ESP32-C3S_Kit
  • AITHinker ESP32-C3S_Kit_2M
  • ATMegaZero ESP32-S2
  • Adafruit Camera
  • Adafruit Feather ESP32 V2
  • Adafruit Feather ESP32-S2 TFT
  • Adafruit Feather ESP32-S3 TFT
  • Adafruit Feather ESP32S2
  • Adafruit Feather ESP32S3 4MB Flash 2MB PSRAM
  • Adafruit Feather ESP32S3 No PSRAM
  • Adafruit Feather HUZZAH32
  • Adafruit FunHouse
  • Adafruit MagTag
  • Adafruit Metro ESP32S2
  • Adafruit QT Py ESP32 PICO
  • Adafruit QT Py ESP32-S3 no psram
  • Adafruit QT Py ESP32C3
  • Adafruit QT Py ESP32S2
  • Artisense Reference Design RD00
  • BPI-Bit-S2
  • BPI-Leaf-S3
  • BPI-PicoW-S3
  • BastWiFi
  • Bee-Motion-S3
  • Bee-S3
  • CRCibernetica IdeaBoard
  • CrumpS2
  • Cytron Maker Feather AIoT S3
  • DFRobot Beetle ESP32-C3
  • ESP 12k NodeMCU
  • ESP32-C3-DevKitM-1
  • ESP32-S2-DevKitC-1-N4
  • ESP32-S2-DevKitC-1-N4R2
  • ESP32-S2-DevKitC-1-N8R2
  • ESP32-S3-Box-2.5
  • ESP32-S3-Box-Lite
  • ESP32-S3-DevKitC-1-N8
  • ESP32-S3-DevKitC-1-N8R2
  • ESP32-S3-DevKitC-1-N8R8
  • ESP32-S3-DevKitM-1-N8
  • ESP32-S3-EYE
  • ESP32-S3-USB-OTG-N8
  • Espressif ESP32-EYE
  • Feather ESP32S2 without PSRAM
  • FeatherS2
  • FeatherS2 Neo
  • FeatherS2 PreRelease
  • FeatherS3
  • Franzininho WIFI w/Wroom
  • Franzininho WIFI w/Wrover
  • Gravitech Cucumber M
  • Gravitech Cucumber MS
  • Gravitech Cucumber R
  • Gravitech Cucumber RS
  • HMI-DevKit-1.1
  • Hardkernel Odroid Go
  • HexKyS2
  • IoTs2
  • Kaluga 1
  • LILYGO TTGO T-01C3
  • LILYGO TTGO T-OI PLUS
  • LILYGO TTGO T8 ESP32-S2
  • LILYGO TTGO T8 ESP32-S2 w/Display
  • LOLIN S3 16MB Flash 8MB PSRAM
  • M5STACK STAMP-C3
  • M5Stack Atom Lite
  • M5Stack Core Basic
  • M5Stack Core Fire
  • MORPHEANS MorphESP-240
  • Maker badge by Czech maker
  • MicroDev microC3
  • MicroDev microS2
  • MixGo CE
  • Oak Dev Tech PixelWing ESP32S2
  • ProS3
  • Raspberry Pi Pico W
  • S2Mini
  • S2Pico
  • Saola 1 w/Wroom
  • Saola 1 w/Wrover
  • Seeed Studio XIAO ESP32C3
  • TTGO T8 ESP32-S2-WROOM
  • Targett Module Clip w/Wroom
  • Targett Module Clip w/Wrover
  • TinyPICO
  • TinyPICO Nano
  • TinyS2
  • TinyS3
  • Waveshare ESP32-S2-Pico
  • Waveshare ESP32-S2-Pico-LCD
  • Wemos Lolin C3 Mini" // from Wemos MP
  • nanoESP32-S2 w/Wrover
  • nanoESP32-S2 w/Wroom

ssl.create_default_context() SSLContext

Return the default SSLContext.

class ssl.SSLContext

Settings related to SSL that can be applied to a socket by wrapping it. This is useful to provide SSL certificates to specific connections rather than all of them.

check_hostname :bool

Whether to match the peer certificate’s hostname.

load_cert_chain(certfile: str, keyfile: str) None

Load a private key and the corresponding certificate.

The certfile string must be the path to a single file in PEM format containing the certificate as well as any number of CA certificates needed to establish the certificate’s authenticity. The keyfile string must point to a file containing the private key.

load_verify_locations(cadata: Optional[str] = None) None

Load a set of certification authority (CA) certificates used to validate other peers’ certificates.

set_default_verify_paths() None

Load a set of default certification authority (CA) certificates.

wrap_socket(sock: socketpool.Socket, *, server_side: bool = False, server_hostname: Optional[str] = None) SSLSocket

Wraps the socket into a socket-compatible class that handles SSL negotiation. The socket must be of type SOCK_STREAM.

class ssl.SSLSocket

Implements TLS security on a subset of socketpool.Socket functions. Cannot be created directly. Instead, call wrap_socket on an existing socket object.

Provides a subset of CPython’s ssl.SSLSocket API. It only implements the versions of recv that do not allocate bytes objects.

__hash__() int

Returns a hash for the Socket.

__enter__() SSLSocket

No-op used by Context Managers.

__exit__() None

Automatically closes the Socket when exiting a context. See Lifetime and ContextManagers for more info.

accept() Tuple[SSLSocket, Tuple[str, int]]

Accept a connection on a listening socket of type SOCK_STREAM, creating a new socket of type SOCK_STREAM. Returns a tuple of (new_socket, remote_address)

bind(address: Tuple[str, int]) None

Bind a socket to an address

Parameters

address (~tuple) – tuple of (remote_address, remote_port)

close() None

Closes this Socket

connect(address: Tuple[str, int]) None

Connect a socket to a remote address

Parameters

address (~tuple) – tuple of (remote_address, remote_port)

listen(backlog: int) None

Set socket to listen for incoming connections

Parameters

backlog (~int) – length of backlog queue for waiting connetions

recv_into(buffer: circuitpython_typing.WriteableBuffer, bufsize: int) int

Reads some bytes from the connected remote address, writing into the provided buffer. If bufsize <= len(buffer) is given, a maximum of bufsize bytes will be read into the buffer. If no valid value is given for bufsize, the default is the length of the given buffer.

Suits sockets of type SOCK_STREAM Returns an int of number of bytes read.

Parameters
  • buffer (bytearray) – buffer to receive into

  • bufsize (int) – optionally, a maximum number of bytes to read.

send(bytes: circuitpython_typing.ReadableBuffer) int

Send some bytes to the connected remote address. Suits sockets of type SOCK_STREAM

Parameters

bytes (~bytes) – some bytes to send

settimeout(value: int) None

Set the timeout value for this socket.

Parameters

value (~int) – timeout in seconds. 0 means non-blocking. None means block indefinitely.

setblocking(flag: bool) Optional[int]

Set the blocking behaviour of this socket.

Parameters

flag (~bool) – False means non-blocking, True means block indefinitely.