Verify certificates using OS trust stores
Project description
Truststore
Verify certificates using OS trust stores. Supports macOS, Windows, and Linux (with OpenSSL). This project should be considered experimental.
Usage
# The following code works on Linux, macOS, and Windows without dependencies.
import socket
import ssl
import truststore
# Create an SSLContext for the system trust store
ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
# Connect to the peer and initiate a TLS handshake
sock = socket.create_connection(("example.com", 443))
sock = ctx.wrap_socket(sock, server_hostname="example.com")
# Also works with libraries that accept an SSLContext object
import urllib3
http = urllib3.PoolManager(ssl_context=ctx)
http.request("GET", "https://example.com")
# Works with ssl.MemoryBIO objects for async I/O
import aiohttp
http = aiohttp.ClientSession()
await http.request("GET", "https://example.com", ssl=ctx)
Platforms
Works in the following configurations:
- macOS 10.8+ via Security framework
- Windows via CryptoAPI
- Linux via OpenSSL
Prior art
- The future of trust stores in Python (PyCon US 2022 lightning talk)
- Experimental APIs in Python 3.10 and the future of trust stores
- PEP 543: A Unified TLS API for Python
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
truststore-0.4.0.tar.gz
(11.6 kB
view hashes)
Built Distribution
truststore-0.4.0-py3-none-any.whl
(12.8 kB
view hashes)
Close
Hashes for truststore-0.4.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 018f261a13c970eb814ac424db4a48d538310416ddad4231ca49033c210eb5cf |
|
MD5 | 8135b1edbe1ffcc627a76c828d5d1500 |
|
BLAKE2b-256 | 2f6595ce2bd157d42e620a4af3f7c9f4ff34a862ac413a8f60e0a4a9ef924c3c |