5.2.5. xgt.PKIAuth

class xgt.PKIAuth(ssl_root_dir=None, ssl_server_cert=None)

PKI-based authentication. Will derive user ID from information in the required x509 client certificate. Automatically enables mutual TLS for connecting to the server.

New in version 1.15.0.

Parameters:
  • ssl_root_dir (str) – Path to the root folder for ssl certificates and private keys. Defaults to the user’s home directory.

  • ssl_server_cert (str) – File containing the certificate chain that validates the server’s certificate. Defaults to ssl_root_dir + ‘/certs/ca-chain.cert.pem’.

Methods

__init__([ssl_root_dir, ssl_server_cert])

Constructor for PKIAuth.

Attributes

ssl_root_dir

The SSL certificate directory.

ssl_server_cert

The location of the file with the certificate chain validating the server certificate.

__init__(ssl_root_dir=None, ssl_server_cert=None)

Constructor for PKIAuth. Called when PKIAuth is created.

property ssl_root_dir

The SSL certificate directory.

Type:

str

property ssl_server_cert

The location of the file with the certificate chain validating the server certificate.

Type:

str