tlspyo.credentials module

tlspyo.credentials.credentials_generator_tool(custom=False)[source]

Helper tool to generate credentials via CLI.

Parameters:

custom (bool) – whether to customize the certificate

tlspyo.credentials.generate_tls_credentials(folder_path, email_address='emailAddress', common_name='default', subject_alt_name=('DNS:default',), country_name='CA', locality_name='localityName', state_or_province_name='stateOrProvinceName', organization_name='organizationName', organization_unit_name='organizationUnitName', serial_number=0, validity_end_in_seconds=10 * 365 * 24 * 60 * 60)[source]

Generates a private TLS key and a self-signed TLS certificate in the designed folder.

Parameters:

  • folder_path (path-like object) – path were the files will be created

  • email_address (str) – your email address

  • common_name (str) – your hostname

  • subject_alt_name (tuple of str) – your subject alt name list

  • country_name (str) – your country code

  • locality_name (str) – your locality name

  • state_or_province_name (str) – your state name

  • organization_name (str) – your organization name

  • organization_unit_name (str) – your organization unit name

  • serial_number (int) – the serial number of your certificate

  • validity_end_in_seconds (int) – seconds until the generated certificate will expire

tlspyo.credentials.get_default_keys_folder()[source]

Creates the default credentials directory and returns it.

Returns:

default credentials directory

Return type:

pathlib.Path

tlspyo.credentials.tcp_broadcast_tls_credentials(port, directory=None)[source]

Starts a server that broadcasts certificate.pem over TCP.

Parameters:

  • port – port

  • directory – directory where to find certificate.pem if not the default credential directory

tlspyo.credentials.tcp_retrieve_tls_credentials(ip, port, directory=None)[source]

Starts a client that retrieves certificate.pem over TCP.

The credential-broadcasting server must be launched via tcp_broadcast_tls_credentials on the Relay machine.

Parameters:

  • ip – ip of the credential-broadcasting server

  • port – port of the credential-broadcasting server

  • directory – directory where to write certificate.pem if not the default credentials directory