5.2.4. xgt.PKIAuth¶
- class xgt.PKIAuth(ssl_root_dir=None, ssl_server_cert=None, ssl_client_cert=None, ssl_client_key=None)¶
PKI-based authentication. Will derive user ID from information in the required x509 client certificate. Automatically enables mutual TLS for connecting to the server.
Added in version 1.15.0.
- Parameters:
ssl_root_dir (str) – Path to the root folder for ssl certificates and private keys. Defaults to the user’s home directory.
ssl_server_cert (str) – File containing the certificate chain that validates the server’s certificate. Defaults to ssl_root_dir + ‘/certs/ca-chain.cert.pem’.
ssl_client_cert (str) – File containing the client’s certificate. Defaults to ssl_root_dir + ‘/certs/client.cert.pem’
ssl_client_key (str) –
File containing the client’s key. Defaults to ssl_root_dir + ‘/private/client.key.pem’
Added in version 1.16.0.
Methods
__init__([ssl_root_dir, ssl_server_cert, ...])Constructor for PKIAuth.
Attributes
The location of the file with the client's certificate.
The location of the file with the client's key.
The SSL certificate directory.
The location of the file with the certificate chain validating the server certificate.
- __init__(ssl_root_dir=None, ssl_server_cert=None, ssl_client_cert=None, ssl_client_key=None)¶
Constructor for PKIAuth. Called when PKIAuth is created.
- property ssl_client_cert: str¶
The location of the file with the client’s certificate.
- Type:
str
- property ssl_client_key: str¶
The location of the file with the client’s key.
- Type:
str
- property ssl_root_dir: str¶
The SSL certificate directory.
- Type:
str
- property ssl_server_cert: str¶
The location of the file with the certificate chain validating the server certificate.
- Type:
str