myqtt.tls — TLS support for PyMyQtt

MyQtt TLS support is provided by an independent python module that is imported like this:

import myqtt.tls

After that, no specific initialization code is required.

Module API

myqtt.tls.create_listener(ctx, bindaddress, port[, conn_opts])

Allows to create a TLS listener on the provided bindaddress:port.

Parameters:
  • ctx (myqtt.Ctx) – The context where to create the listener
  • bindaddress (String) – The bindaddress to be used
  • port (String) – port to run the listener
  • conn_opts (myqtt.ConnOpts) – Optional connection options to configure
myqtt.tls.create_conn(ctx, bindaddress, port[, conn_opts])

Allows to create a MQTT TLS connection to the destination configured. This function works the same as the myqtt.Conn method but providing support for SSL/TLS

Parameters:
  • ctx (myqtt.Ctx) – MyQtt context where the connection will be created.
  • host (String) – Host to connect to.
  • port (String) – Port to connect to.
  • client_identifier (String) – Client identifier
  • clean_session (Boolean) – Clean session
  • keep_alive (Integer) – Keep alive configuration
  • conn_opts (String) – Optional connection options to be used by the connection
myqtt.tls.set_certificate(listener, certificate_file, certificate_key[, certificate_chain])

Allows to configure the certificate (crt, key and chain) to be used by the provided listener.

Parameters:
  • listener (myqtt.Conn) – The listener to be configured with the provided certificate
  • certificate_file (String) – Path to the certificate file to use
  • certificate_key (String) – Path to the certificate key to use
  • certificate_chain (String) – Path to the certificate chain
myqtt.tls.is_on(connection)

Allows to check if the provided connection is running with TLS/SSL activated

Parameters:connection (myqtt.Conn) – The connection to be checked
myqtt.tls.ssl_peer_verify(opts, disable)

Allows to configure certificate verification on the provided myqtt.ConnOpts that will be used on the listener or connection creation.

Parameters:
  • opts (myqtt.ConnOpts) – The connection options to be configured
  • disable (Boolean) – True/False to enable disable SSL peer verification
myqtt.tls.set_ssl_certs(opts, certificate, private_key, chain_certificate, ca_certificate)

Allows to configure certificate on the provided connection options.

Parameters:
  • opts (myqtt.ConnOpts) – The connection option to be configured
  • certificate (String) – Path to the certificate file to use
  • private_key (String) – Path to the certificate key to use
  • chain_certificate (String) – Path to the certificate chain
  • ca_certificate – Path to the CA certificate
myqtt.tls.set_server_name(opts, server_name)

Allows to configure the server name that is going to be used during the SSL/TLS negotiation. This is used, for example, during SNI client process to be able to notify server side which serverName we are interested in so the right certificate can be selected.

Parameters:
  • opts (myqtt.ConnOpts) – The connection option to be configured
  • server_name (String) – The server name to configure
myqtt.tls.set_certificate_handlers(ctx, certificate_handler, key_handler, chain_handler, user_data)

Allows to configure a set of handlers that will dynamically determine the right set of certificates according to the serverName requested.

Parameters:
  • ctx (myqtt.Ctx) – The context to configure
  • certificate_handler – The handler that is called to get the certificate according to the server Name provided
  • key_handler (handler: handler(ctx, conn, serverName, userData) -> path certificate (String)) – The handler that is called to get the certificate according to the server Name provided
  • chain_handler – The handler that is called to get the chain certificate according to the server Name provided
myqtt.tls.verify_cert(conn)

Allows to verify certificate provided by remote side on the provided connection.

Parameters:conn (myqtt.Conn) – The connection to verify its certificate

Table Of Contents

Previous topic

myqtt.handlers — PyMyQtt handlers: List of handlers used by PyMyQtt API

This Page