This module provides access to Transport Layer Security (previously and widely known as “Secure Sockets Layer”) encryption and peer authentication facilities for network sockets, both client-side and server-side.
wrap_socket(sock, server_side=False, keyfile=None, certfile=None, cert_reqs=CERT_NONE, ca_certs=None)¶
Takes a stream sock (usually usocket.socket instance of
SOCK_STREAMtype), and returns an instance of ssl.SSLSocket, which wraps the underlying stream in an SSL context. Returned object has the usual stream interface methods like read(), write(), etc. In MicroPython, the returned object does not expose socket interface and methods like recv(), send(). In particular, a server-side SSL socket should be created from a normal socket returned from accept() on a non-SSL listening server socket.
Depending on the underlying module implementation for a particular board, some or all keyword arguments above may be not supported.
Some implementations of
ssl module do NOT validate server certificates,
which makes an SSL connection established prone to man-in-the-middle attacks.