Verify certificates using OS trust stores
Project description
Truststore
Verify certificates using OS trust stores. Supports macOS, Windows, and Linux (with OpenSSL). This project should be considered experimental.
Usage
# The following code works on Linux, macOS, and Windows without dependencies.
import socket
import ssl
import truststore
# Create an SSLContext for the system trust store
ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
# Connect to the peer and initiate a TLS handshake
sock = socket.create_connection(("example.com", 443))
sock = ctx.wrap_socket(sock, server_hostname="example.com")
# Also works with libraries that accept an SSLContext object
import urllib3
http = urllib3.PoolManager(ssl_context=ctx)
http.request("GET", "https://example.com")
# Works with ssl.MemoryBIO objects for async I/O
import aiohttp
http = aiohttp.ClientSession()
await http.request("GET", "https://example.com", ssl=ctx)
Platforms
Works in the following configurations:
- macOS 10.8+ via Security framework
- Windows via CryptoAPI
- Linux via OpenSSL
Prior art
- The future of trust stores in Python (PyCon US 2022 lightning talk) (slides)
- Experimental APIs in Python 3.10 and the future of trust stores
- PEP 543: A Unified TLS API for Python
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
truststore-0.5.0.tar.gz
(12.6 kB
view hashes)
Built Distribution
truststore-0.5.0-py3-none-any.whl
(13.7 kB
view hashes)
Close
Hashes for truststore-0.5.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ef51cb87968a853cb20fd670f351f5f36d4c09cc09ee4474537e229d6bd46f4f |
|
MD5 | 252a3b89ffc0ec4928861378193e50ab |
|
BLAKE2b-256 | 2e1fb50aa8ec1f48ed28ab4a59dc7495b79051dcb21f092fcf6b8eeb3759c005 |