ssl

The ssl module provides SSL contexts to wrap sockets in.

This module implements a subset of the corresponding CPython module, as described below. For more information, refer to the original CPython documentation: ssl.

Available on these boards
  • AITHinker ESP32-C3S_Kit
  • AITHinker ESP32-C3S_Kit_2M
  • ATMegaZero ESP32-S2
  • Adafruit Camera
  • Adafruit Feather ESP32-S2 TFT
  • Adafruit Feather ESP32S2
  • Adafruit Feather ESP32S3 No PSRAM
  • Adafruit FunHouse
  • Adafruit MagTag
  • Adafruit Metro ESP32S2
  • Adafruit QT Py ESP32-S3 no psram
  • Adafruit QT Py ESP32C3
  • Adafruit QT Py ESP32S2
  • Artisense Reference Design RD00
  • BastWiFi
  • CrumpS2
  • Cytron Maker Feather AIoT S3
  • ESP 12k NodeMCU
  • ESP32-C3-DevKitM-1
  • ESP32-S2-DevKitC-1-N4
  • ESP32-S2-DevKitC-1-N4R2
  • ESP32-S3-Box-2.5
  • ESP32-S3-DevKitC-1-N8
  • ESP32-S3-DevKitC-1-N8R2
  • ESP32-S3-DevKitC-1-N8R8
  • ESP32-S3-DevKitM-1-N8
  • ESP32-S3-USB-OTG-N8
  • Feather ESP32S2 without PSRAM
  • FeatherS2
  • FeatherS2 Neo
  • FeatherS2 PreRelease
  • FeatherS3
  • Franzininho WIFI w/Wroom
  • Franzininho WIFI w/Wrover
  • Gravitech Cucumber M
  • Gravitech Cucumber MS
  • Gravitech Cucumber R
  • Gravitech Cucumber RS
  • HMI-DevKit-1.1
  • HexKyS2
  • IoTs2
  • Kaluga 1
  • LILYGO TTGO T-01C3
  • LILYGO TTGO T-OI PLUS
  • LILYGO TTGO T8 ESP32-S2
  • LILYGO TTGO T8 ESP32-S2 w/Display
  • MORPHEANS MorphESP-240
  • MicroDev microC3
  • MicroDev microS2
  • Oak Dev Tech PixelWing ESP32S2
  • ProS3
  • S2Mini
  • S2Pico
  • Saola 1 w/Wroom
  • Saola 1 w/Wrover
  • TTGO T8 ESP32-S2-WROOM
  • Targett Module Clip w/Wroom
  • Targett Module Clip w/Wrover
  • TinyS2
  • TinyS3
  • nanoESP32-S2 w/Wrover
  • nanoESP32-S2 w/Wroom

ssl.create_default_context() SSLContext

Return the default SSLContext.

class ssl.SSLContext

Settings related to SSL that can be applied to a socket by wrapping it. This is useful to provide SSL certificates to specific connections rather than all of them.

check_hostname :bool

Whether to match the peer certificate’s hostname.

load_verify_locations(self, cadata: Optional[str] = None) None

Load a set of certification authority (CA) certificates used to validate other peers’ certificates.

set_default_verify_paths(self) None

Load a set of default certification authority (CA) certificates.

wrap_socket(self, sock: socketpool.Socket, *, server_side: bool = False, server_hostname: Optional[str] = None) SSLSocket

Wraps the socket into a socket-compatible class that handles SSL negotiation. The socket must be of type SOCK_STREAM.

class ssl.SSLSocket

Implements TLS security on a subset of socketpool.Socket functions. Cannot be created directly. Instead, call wrap_socket on an existing socket object.

Provides a subset of CPython’s ssl.SSLSocket API. It only implements the versions of recv that do not allocate bytes objects.

__hash__(self) int

Returns a hash for the Socket.

__enter__(self) SSLSocket

No-op used by Context Managers.

__exit__(self) None

Automatically closes the Socket when exiting a context. See Lifetime and ContextManagers for more info.

accept(self) Tuple[SSLSocket, Tuple[str, int]]

Accept a connection on a listening socket of type SOCK_STREAM, creating a new socket of type SOCK_STREAM. Returns a tuple of (new_socket, remote_address)

bind(self, address: Tuple[str, int]) None

Bind a socket to an address

Parameters

address (~tuple) – tuple of (remote_address, remote_port)

close(self) None

Closes this Socket

connect(self, address: Tuple[str, int]) None

Connect a socket to a remote address

Parameters

address (~tuple) – tuple of (remote_address, remote_port)

listen(self, backlog: int) None

Set socket to listen for incoming connections

Parameters

backlog (~int) – length of backlog queue for waiting connetions

recv_into(self, buffer: circuitpython_typing.WriteableBuffer, bufsize: int) int

Reads some bytes from the connected remote address, writing into the provided buffer. If bufsize <= len(buffer) is given, a maximum of bufsize bytes will be read into the buffer. If no valid value is given for bufsize, the default is the length of the given buffer.

Suits sockets of type SOCK_STREAM Returns an int of number of bytes read.

Parameters
  • buffer (bytearray) – buffer to receive into

  • bufsize (int) – optionally, a maximum number of bytes to read.

send(self, bytes: circuitpython_typing.ReadableBuffer) int

Send some bytes to the connected remote address. Suits sockets of type SOCK_STREAM

Parameters

bytes (~bytes) – some bytes to send

settimeout(self, value: int) None

Set the timeout value for this socket.

Parameters

value (~int) – timeout in seconds. 0 means non-blocking. None means block indefinitely.

setblocking(self, flag: bool) Optional[int]

Set the blocking behaviour of this socket.

Parameters

flag (~bool) – False means non-blocking, True means block indefinitely.