AS2Sender Class

Properties   Methods   Events   Config Settings   Errors  

The AS2Sender class implements an AS2 / EDI-INT client.

Syntax

class ipworksedi.AS2Sender

Remarks

The AS2Sender component may be used to send EDI or other messages over HTTP/S, using the AS2 protocol. It may also be used to verify synchronous or asynchronous server responses.

A typical AS2 transaction is as follows:

(1) The sender sends an EDI document to the receiver using HTTP or HTTPS. Typically the document will be signed and encrypted (particularly if SSL is not used). A signed receipt will also be requested.

(2) The receiver decrypts the message and verifies the signature.

(3) The receiver sends a signed receipt back to the client. The signature is over the hash of an MDN, which contains a hash of the received message.

When sending an EDI message, the client should specify, at a minimum, as2_from and as2_to, url, and edi_data. The post method should then be invoked.

To secure the EDI transmission, the message may be signed and/or encrypted by setting the appropriate certificates. By default, the class will apply message security if the appropriate certificates are specified. To sign the data, set signing_cert. To encrypt, set recipient_certs. If the recipient uses different certificates for signing and encryption it will also be necessary to set receipt_signer_cert.

SSL will also be used if the scheme in url is "https". If your trading partner is using a self-signed certificate, it will be necessary to set ssl_accept_server_cert or trap the on_ssl_server_authentication event to accept the certificate.

The message may also be compressed by setting compression_format.

To request a receipt, or Message Disposition Notification (MDN), simply set the mdn_to property. The mdn_options property may be used to customize the request. By default, the class will request a signed MDN over an SHA1 hash.

The class supports both synchronous and asynchronous MDN receipt delivery. By default, the class requests synchronous MDN receipt delivery, and the MDN will be returned in the HTTP reply. To request asynchronous MDN delivery, set the mdn_delivery_option to the URL where MDN's are to be delivered.

The HTTP reply will automatically be processed by the class. If an MDN was requested, post will validate the MDN and (if signed) establish non-repudiation of receipt. Any errors or warnings will cause the class to throw an exception.

In either case, after the EDI transaction is processed successfully, the mdn_receipt will be populated with the appropriate values.

Validating Asynchronous MDNs

The class may also be used to process and verify asynchronous MDNs. To do this, you should invoke read_async_receipt. This will read the receipt from the current HTTP context (or from mdn_receipt, if set manually), and allow you to determine your trading partner's identity and the message ID. You should then set receipt_signer_cert and original_content_mic, and finally invoke verify_receipt.

Property List

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

Method List

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

Event List

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

Config Settings

The following is a list of config settings for the class with short descriptions. Click on the links for further details.

as2_from Property

The AS2 Identifier of the sending system.

Syntax

def get_as2_from() -> str: ...
def set_as2_from(value: str) -> None: ...

as2_from = property(get_as2_from, set_as2_from)

Default Value

""

Remarks

May be company name, DUNS number, or anything agreed on by trading partners.

Required.

as2_to Property

The AS2 Identifier of the receiving system.

Syntax

def get_as2_to() -> str: ...
def set_as2_to(value: str) -> None: ...

as2_to = property(get_as2_to, set_as2_to)

Default Value

""

Remarks

May be company name, DUNS number, or anything agreed on by trading partners.

Required.

as2_version Property

The version of AS2 being used.

Syntax

def get_as2_version() -> str: ...

as2_version = property(get_as2_version, None)

Default Value

"1.2"

Remarks

The version of AS2 being used.

This property is read-only.

async_mdn_info_dir Property

Path to a directory to store data used in verifying AsyncMDNs.

Syntax

def get_async_mdn_info_dir() -> str: ...
def set_async_mdn_info_dir(value: str) -> None: ...

async_mdn_info_dir = property(get_async_mdn_info_dir, set_async_mdn_info_dir)

Default Value

""

Remarks

If post is invoked after setting async_mdn_info_dir and an asynchronous MDN is requested, the class stores the data required to verify AsyncMDNs in a file in the specified directory. The name of the file is the message_id of the outgoing message.

async_mdn_info_dir is also used while verifying asynchronous MDNs using verify_receipt. The properties required to process AsyncMDNs, namely original_content_mic and mdn_options, are automatically read from the file saved at the time of sending the original message.

attachment_count Property

The number of records in the Attachment arrays.

Syntax

def get_attachment_count() -> int: ...
def set_attachment_count(value: int) -> None: ...

attachment_count = property(get_attachment_count, set_attachment_count)

Default Value

0

Remarks

This property controls the size of the following arrays:

• attachment_content_type
• attachment_data
• attachment_file_name
• attachment_headers
• attachment_name

The array indices start at 0 and end at attachment_count - 1.

attachment_content_type Property

The MIME content-type of this ediattachment .

Syntax

def get_attachment_content_type(attachment_index: int) -> str: ...
def set_attachment_content_type(attachment_index: int, value: str) -> None: ...

Default Value

""

Remarks

The MIME content-type of this EDIAttachment.

The attachment_index parameter specifies the index of the item in the array. The size of the array is controlled by the attachment_count property.

attachment_data Property

This property contains the attachment data.

Syntax

def get_attachment_data(attachment_index: int) -> bytes: ...
def set_attachment_data(attachment_index: int, value: bytes) -> None: ...

Default Value

""

Remarks

This property contains the attachment data.

In a receiver, the class decodes the attachment to the attachment_data property when attachment_data's value is first queried. This property will contain the full decrypted text of the attachment.

The attachment_index parameter specifies the index of the item in the array. The size of the array is controlled by the attachment_count property.

attachment_file_name Property

The file name of the attachment.

Syntax

def get_attachment_file_name(attachment_index: int) -> str: ...
def set_attachment_file_name(attachment_index: int, value: str) -> None: ...

Default Value

""

Remarks

The file name of the attachment. If incoming_directory has been specified, the attachment will be written to the specified directory and the name will be provided by this property. Otherwise, this will contain the name of the attachment as described in the attachment_headers.

The attachment_index parameter specifies the index of the item in the array. The size of the array is controlled by the attachment_count property.

attachment_headers Property

The class fills out Headers each time any of the other properties for that ediattachment are changed.

Syntax

def get_attachment_headers(attachment_index: int) -> str: ...
def set_attachment_headers(attachment_index: int, value: str) -> None: ...

Default Value

""

Remarks

The class fills out attachment_headers each time any of the other properties for that EDIAttachment are changed. If additional headers are needed they should be appended after all the other propertys for that EDIAttachment are set.

The attachment_index parameter specifies the index of the item in the array. The size of the array is controlled by the attachment_count property.

attachment_name Property

Name is the final name to be associated with the contents of either the Data or FileName properties.

Syntax

def get_attachment_name(attachment_index: int) -> str: ...
def set_attachment_name(attachment_index: int, value: str) -> None: ...

Default Value

""

Remarks

attachment_name is the final name to be associated with the contents of either the attachment_data or attachment_file_name properties. This corresponds to the filename attribute of the Content-Disposition header for this attachment.

The attachment_index parameter specifies the index of the item in the array. The size of the array is controlled by the attachment_count property.

cem_count Property

The number of records in the CEM arrays.

Syntax

def get_cem_count() -> int: ...
def set_cem_count(value: int) -> None: ...

cem_count = property(get_cem_count, set_cem_count)

Default Value

0

Remarks

This property controls the size of the following arrays:

• cem_accepted
• cem_cert_id
• cem_cert_issuer
• cem_cert_serial_number
• cem_cert_store
• cem_cert_store_password
• cem_cert_store_type
• cem_cert_subject
• cem_cert_usage
• cem_rejection_reason
• cem_respond_by_date
• cem_response_url

The array indices start at 0 and end at cem_count - 1.

cem_accepted Property

Whether the CEM request is accepted.

Syntax

def get_cem_accepted(cem_index: int) -> bool: ...
def set_cem_accepted(cem_index: int, value: bool) -> None: ...

Default Value

FALSE

Remarks

Whether the CEM request is accepted.

Before calling send_cem_response set this to True to accept the CEM request.

When processing a CEM response check this property to determine if the request was accepted.

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_cert_id Property

A user defined identifier for the certificate.

Syntax

def get_cem_cert_id(cem_index: int) -> str: ...
def set_cem_cert_id(cem_index: int, value: str) -> None: ...

Default Value

""

Remarks

A user defined identifier for the certificate.

This property defines a user specified identifier for the certificate. This may be set to a value which helps the recipient identify the certificate. For instance "CompanyA.Encryption.Cert.2014".

This property may be set before calling send_cem_request or send_cem_response from AS2Sender.

This property may be queried when received a CEM request or response with AS2Receiver.

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_cert_issuer Property

This property holds the issuer of the certificate.

Syntax

def get_cem_cert_issuer(cem_index: int) -> str: ...
def set_cem_cert_issuer(cem_index: int, value: str) -> None: ...

Default Value

""

Remarks

This property holds the issuer of the certificate. This may be queried when receiving a CEM request with AS2Receiver. This may be set before calling send_cem_response with AS2Sender.

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_cert_serial_number Property

This property holds the serial number of the certificate.

Syntax

def get_cem_cert_serial_number(cem_index: int) -> str: ...
def set_cem_cert_serial_number(cem_index: int, value: str) -> None: ...

Default Value

""

Remarks

This property holds the serial number of the certificate. This may be queried when receiving a CEM request with AS2Receiver. This may be set before calling send_cem_response with AS2Sender.

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_cert_store Property

The name of the certificate store for the certificate.

Syntax

def get_cem_cert_store(cem_index: int) -> bytes: ...
def set_cem_cert_store(cem_index: int, value: bytes) -> None: ...

Default Value

"MY"

Remarks

The name of the certificate store for the certificate.

This property defines the store location for the type specified by cem_cert_store_type.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_cert_store_password Property

If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store.

Syntax

def get_cem_cert_store_password(cem_index: int) -> str: ...
def set_cem_cert_store_password(cem_index: int, value: str) -> None: ...

Default Value

""

Remarks

If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store.

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_cem_cert_store_type(cem_index: int) -> int: ...
def set_cem_cert_store_type(cem_index: int, value: int) -> None: ...

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_cert_subject Property

The subject of the certificate.

Syntax

def get_cem_cert_subject(cem_index: int) -> str: ...
def set_cem_cert_subject(cem_index: int, value: str) -> None: ...

Default Value

""

Remarks

The subject of the certificate.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_cert_usage Property

This property defines which usages are applicable to the certificate.

Syntax

def get_cem_cert_usage(cem_index: int) -> int: ...
def set_cem_cert_usage(cem_index: int, value: int) -> None: ...

Default Value

15

Remarks

This property defines which usages are applicable to the certificate. This may be set to a binary 'OR' of one or more of the following values:

• 1 (TLS Client)
• 2 (TLS Server)
• 4 (Encryption)
• 8 (Signature)

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_rejection_reason Property

If Accepted is False this property specifies the reason a request was rejected.

Syntax

def get_cem_rejection_reason(cem_index: int) -> str: ...
def set_cem_rejection_reason(cem_index: int, value: str) -> None: ...

Default Value

""

Remarks

If cem_accepted is False this property specifies the reason a request was rejected.

When using AS2Sender this may be set to a string value which the recipient will see.

When using AS2Receiver query this property for details on why the request was rejected.

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_respond_by_date Property

This property specifies the date by which the other party should respond.

Syntax

def get_cem_respond_by_date(cem_index: int) -> str: ...
def set_cem_respond_by_date(cem_index: int, value: str) -> None: ...

Default Value

""

Remarks

This property specifies the date by which the other party should respond. If the other party does not respond the new certificate may be used without any further notice. This property exists to assist the recipient in knowing when they should respond by. It does not guarantee a response by the specified date.

The format is of the XML standard dateTime type expressed in local time with UTC offset. For instance: "2005-08-31T00:21:00-05:00".

When using AS2Sender set this before calling send_cem_request.

When using AS2Receiver this property may be queried.

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

cem_response_url Property

This property defines the URL to which the response should be sent.

Syntax

def get_cem_response_url(cem_index: int) -> str: ...
def set_cem_response_url(cem_index: int, value: str) -> None: ...

Default Value

""

Remarks

This property defines the URL to which the response should be sent.

When using AS2Sender set this property before calling send_cem_request. This tells the recipient where to send the response.

When using AS2Receiver query this property to determine the URL where the response should be sent.

The cem_index parameter specifies the index of the item in the array. The size of the array is controlled by the cem_count property.

compression_format Property

The compression format (if any) to use.

Syntax

def get_compression_format() -> int: ...
def set_compression_format(value: int) -> None: ...

compression_format = property(get_compression_format, set_compression_format)

Default Value

0

Remarks

By default, outgoing data will not be compressed. Setting this property will instruct the class to compress the outgoing data using the indicated format.

Compression is highly recommended for large messages, as it will reduce network bandwidth and processing time required.

The compression algorithm used is Zlib, as required by RFC 3274 and defined in RFCs 1950 and 1951.

cookie_count Property

The number of records in the Cookie arrays.

Syntax

def get_cookie_count() -> int: ...
def set_cookie_count(value: int) -> None: ...

cookie_count = property(get_cookie_count, set_cookie_count)

Default Value

0

Remarks

This property controls the size of the following arrays:

• cookie_domain
• cookie_expiration
• cookie_name
• cookie_path
• cookie_secure
• cookie_value

The array indices start at 0 and end at cookie_count - 1.

cookie_domain Property

The domain of a received cookie.

Syntax

def get_cookie_domain(cookie_index: int) -> str: ...

Default Value

""

Remarks

The domain of a received cookie. This property contains a domain name to limit the cookie to (if provided by the server). If the server does not provide a domain name, this property will contain an empty string. The convention in this case is to use the server name specified by url_server as the cookie domain.

The cookie_index parameter specifies the index of the item in the array. The size of the array is controlled by the cookie_count property.

This property is read-only.

cookie_expiration Property

An expiration time for the cookie (if provided by the server).

Syntax

def get_cookie_expiration(cookie_index: int) -> str: ...

Default Value

""

Remarks

An expiration time for the cookie (if provided by the server). The time format used is "Weekday, DD-Mon-YY HH:MM:SS GMT". If the server does not provide an expiration time, this property will contain an empty string. The convention is to drop the cookie at the end of the session.

The cookie_index parameter specifies the index of the item in the array. The size of the array is controlled by the cookie_count property.

This property is read-only.

cookie_name Property

The name of the cookie.

Syntax

def get_cookie_name(cookie_index: int) -> str: ...
def set_cookie_name(cookie_index: int, value: str) -> None: ...

Default Value

""

Remarks

The name of the cookie.

This property, along with cookie_value, stores the cookie that is to be sent to the server. The on_set_cookie event displays the cookies sent by the server and their properties.

The cookie_index parameter specifies the index of the item in the array. The size of the array is controlled by the cookie_count property.

cookie_path Property

A path name to limit the cookie to (if provided by the server).

Syntax

def get_cookie_path(cookie_index: int) -> str: ...

Default Value

""

Remarks

A path name to limit the cookie to (if provided by the server). If the server does not provide a cookie path, the path property will be an empty string. The convention in this case is to use the path specified by url_path as the cookie path.

The cookie_index parameter specifies the index of the item in the array. The size of the array is controlled by the cookie_count property.

This property is read-only.

cookie_secure Property

The security flag of the received cookie.

Syntax

def get_cookie_secure(cookie_index: int) -> bool: ...

Default Value

FALSE

Remarks

The security flag of the received cookie. This property specifies whether the cookie is secure. If the value of this property is True, the cookie value must be submitted only through a secure (HTTPS) connection.

The cookie_index parameter specifies the index of the item in the array. The size of the array is controlled by the cookie_count property.

This property is read-only.

cookie_value Property

The value of the cookie.

Syntax

def get_cookie_value(cookie_index: int) -> str: ...
def set_cookie_value(cookie_index: int, value: str) -> None: ...

Default Value

""

Remarks

The value of the cookie. A corresponding value is associated with the cookie specified by cookie_name. This property holds that value.

The on_set_cookie event provides the cookies set by the server.

The cookie_index parameter specifies the index of the item in the array. The size of the array is controlled by the cookie_count property.

edi_data Property

This property contains the EDI payload of the transmission.

Syntax

def get_edi_data() -> bytes: ...
def set_edi_data(value: bytes) -> None: ...

edi_data = property(get_edi_data, set_edi_data)

Default Value

""

Remarks

This property contains the EDI payload of the transmission.

In a receiver, this property will only be populated if incoming_directory and edi_output_stream have not been specified and parse_request finishes without an error, setting scan_result to 0. If so, Data will contain the full decrypted text of the EDI message.

The EDI message to send.

edi_type Property

The Content-Type of the EDI message.

Syntax

def get_edi_type() -> str: ...
def set_edi_type(value: str) -> None: ...

edi_type = property(get_edi_type, set_edi_type)

Default Value

""

Remarks

The Content-Type of the EDI message. Sample values might be "application/edi-x12", "application/edifact" or "application/xml".

edi_name Property

Name is the final name to be associated with the contents of either the Data or FileName properties.

Syntax

def get_edi_name() -> str: ...
def set_edi_name(value: str) -> None: ...

edi_name = property(get_edi_name, set_edi_name)

Default Value

"rfc1767.edi"

Remarks

edi_name is the final name to be associated with the contents of either the edi_data or edi_file_name properties. This corresponds to the filename attribute of the Content-Disposition header for the EDI payload.

When constructing EDI data to be sent, edi_name will be set to the same value as edi_file_name, but can be overridden after setting edi_file_name to indicate that another name should be used in the outbound request's Content-Disposition MIME header.

When receiving EDI data, edi_name will be read out of the "filename" attribute of the inbound request's Content-Disposition MIME header.

edi_file_name Property

In a sender, if FileName is specified, the file specified will be used for the EDI payload of the transmission.

Syntax

def get_edi_file_name() -> str: ...
def set_edi_file_name(value: str) -> None: ...

edi_file_name = property(get_edi_file_name, set_edi_file_name)

Default Value

""

Remarks

In a sender, if edi_file_name is specified, the file specified will be used for the EDI payload of the transmission. edi_name will be populated with the name of the file.

In a receiver, when incoming_directory is set, this will be populated with the absolute path of the file which contains the processed message contents.

Note: When edi_output_stream is set, the data will be written to the stream and this property will not be populated.

encryption_algorithm Property

The algorithm used to encrypt the EDI data.

Syntax

def get_encryption_algorithm() -> str: ...
def set_encryption_algorithm(value: str) -> None: ...

encryption_algorithm = property(get_encryption_algorithm, set_encryption_algorithm)

Default Value

"3DES"

Remarks

If recipient_certs contains a valid certificate, the data will be encrypted using this certificate and the algorithm specified in encryption_algorithm. If encryption_algorithm is set to the empty string, the data will not be encrypted.

The class supports "3DES", or industry-standard 168-bit Triple-DES encryption.

The class supports "AES" encryption with a default keysize of 128 bits. You may also set "AESCBC192" or "AESCBC256" for 192- and 256-bit keysizes.

Possible values are:

• 3DES (default)
• DES
• AESCBC128
• AESCBC192
• AESCBC256
• AESGCM128
• AESGCM192
• AESGCM256

etag Property

The Etag of the file being sent.

Syntax

def get_etag() -> str: ...
def set_etag(value: str) -> None: ...

etag = property(get_etag, set_etag)

Default Value

""

Remarks

This specifies the etag for the file. This value should be set to an empty string the first time a file is sent using the restart command. The class will generate a unique etag based on the processed contents of the file and set this property when sending begins.

If a file is interrupted, this value must be set when restart is called to resume transfer of the already processed file.

firewall_auto_detect Property

Whether to automatically detect and use firewall system settings, if available.

Syntax

def get_firewall_auto_detect() -> bool: ...
def set_firewall_auto_detect(value: bool) -> None: ...

firewall_auto_detect = property(get_firewall_auto_detect, set_firewall_auto_detect)

Default Value

FALSE

Remarks

Whether to automatically detect and use firewall system settings, if available.

firewall_type Property

The type of firewall to connect through.

Syntax

def get_firewall_type() -> int: ...
def set_firewall_type(value: int) -> None: ...

firewall_type = property(get_firewall_type, set_firewall_type)

Default Value

0

Remarks

The type of firewall to connect through. The applicable values are as follows:

firewall_host Property

The name or IP address of the firewall (optional).

Syntax

def get_firewall_host() -> str: ...
def set_firewall_host(value: str) -> None: ...

firewall_host = property(get_firewall_host, set_firewall_host)

Default Value

""

Remarks

The name or IP address of the firewall (optional). If a firewall_host is given, the requested connections will be authenticated through the specified firewall when connecting.

If this property is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this property is set to the corresponding address. If the search is not successful, the class fails with an error.

firewall_password Property

A password if authentication is to be used when connecting through the firewall.

Syntax

def get_firewall_password() -> str: ...
def set_firewall_password(value: str) -> None: ...

firewall_password = property(get_firewall_password, set_firewall_password)

Default Value

""

Remarks

A password if authentication is to be used when connecting through the firewall. If firewall_host is specified, the firewall_user and firewall_password properties are used to connect and authenticate to the given firewall. If the authentication fails, the class fails with an error.

firewall_port Property

The Transmission Control Protocol (TCP) port for the firewall Host .

Syntax

def get_firewall_port() -> int: ...
def set_firewall_port(value: int) -> None: ...

firewall_port = property(get_firewall_port, set_firewall_port)

Default Value

0

Remarks

The Transmission Control Protocol (TCP) port for the firewall firewall_host. See the description of the firewall_host property for details.

Note: This property is set automatically when firewall_type is set to a valid value. See the description of the firewall_type property for details.

firewall_user Property

A username if authentication is to be used when connecting through a firewall.

Syntax

def get_firewall_user() -> str: ...
def set_firewall_user(value: str) -> None: ...

firewall_user = property(get_firewall_user, set_firewall_user)

Default Value

""

Remarks

A username if authentication is to be used when connecting through a firewall. If firewall_host is specified, this property and the firewall_password property are used to connect and authenticate to the given Firewall. If the authentication fails, the class fails with an error.

from_ Property

The email address of the HTTP agent (optional).

Syntax

def get_from() -> str: ...
def set_from(value: str) -> None: ...

from_ = property(get_from, set_from)

Default Value

""

Remarks

If the from_ property contains a non-empty string, an HTTP From: header is added to the request. This header generally gives the email address of the requester of the document.

local_host Property

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

Syntax

def get_local_host() -> str: ...
def set_local_host(value: str) -> None: ...

local_host = property(get_local_host, set_local_host)

Default Value

""

Remarks

This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.

If the class is connected, the local_host property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).

Note: local_host is not persistent. You must always set it in code, and never in the property window.

This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.

If the class is connected, the local_host property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).

Note: local_host is not persistent. You must always set it in code, and never in the property window.

log_directory Property

The path to a directory for logging.

Syntax

def get_log_directory() -> str: ...
def set_log_directory(value: str) -> None: ...

log_directory = property(get_log_directory, set_log_directory)

Default Value

""

Remarks

Setting log_directory will instruct the component to log the details of each transmission to unique files in the specified directory. For each request processed, the class will log the complete text of the outgoing request and the incoming response.

The class will write multiple log file for each transmission, with separate extensions for each type of data:

One or more of these logs may be disabled by setting the LogOptions configuration setting.

log_directory supports several macros that can be used to specify a unique directory path. If the path specified does not already exist, the class will attempt to create the directory. The following macros are supported:

The filenames will be chosen automatically by the class. Each filename will be the system time, in the format YYYY-MM-DD-HH-MM-SS-MMMM, with extensions "-2", "-3", used in case files of those names already exist. After each transaction is processed log_file will contain the name of the files just written, minus the extension.

If logs cannot be written an exception will be thrown.

log_file Property

The log file written.

Syntax

def get_log_file() -> str: ...

log_file = property(get_log_file, None)

Default Value

""

Remarks

If log_directory is specified a log file will be written in the specified directory and log_file will contain the full path and name of the files written, minus the extension.

The class will write multiple log files for each transmission, with separate extensions for each type of data:

This property is read-only.

mdn_delivery_option Property

A URL indicating how the receipt is to be delivered.

Syntax

def get_mdn_delivery_option() -> str: ...
def set_mdn_delivery_option(value: str) -> None: ...

mdn_delivery_option = property(get_mdn_delivery_option, set_mdn_delivery_option)

Default Value

""

Remarks

The default mode of operation is for the receipt to be returned synchronously within the HTTP reply. By specifying a valid URL, the user may request asynchronous delivery instead. The URL indicates the destination for the reply, and may use any appropriate protocol, such as "http", "https", or "mailto".

If mdn_delivery_option is set to an empty string, the receipt will be returned synchronously, and will be processed automatically by the class. Clients requesting asynchronous delivery should provide their own processing for reading receipts.

mdn_options Property

Used to indicate the options requested for the MDN receipt.

Syntax

def get_mdn_options() -> str: ...
def set_mdn_options(value: str) -> None: ...

mdn_options = property(get_mdn_options, set_mdn_options)

Default Value

"signed-receipt-protocol=optional, pkcs7-signature; signed-receipt-micalg=optional, sha-256"

Remarks

By default, the class will request that the MDN be signed with a PKCS#7 signature over a SHA-256 hash, which is the industry standard.

Set mdn_options to an empty string to request an unsigned receipt.

This property will automatically be updated when signature_algorithm is set. Normally you will not need to set this property, however you can set a value here to override the automatically generated value.

The string format is that of the Disposition-Notification-Options HTTP header, as specified in RFC 3335. As a form of shorthand, you may set this property to "sha1", "sha-256", or "md5" to request the indicated hash algorithm.

mdn_receipt_content Property

This contains the entire content of the MDN Receipt.

Syntax

def get_mdn_receipt_content() -> bytes: ...
def set_mdn_receipt_content(value: bytes) -> None: ...

mdn_receipt_content = property(get_mdn_receipt_content, set_mdn_receipt_content)

Default Value

""

Remarks

This contains the entire content of the MDN Receipt. This is a multipart/report entity consisting of a machine readable mdn_receipt_mdn (Message Disposition Notification) and a human readable mdn_receipt_message, which itself may be embedded in a multipart/signed entity if requested by the AS2 sender.

mdn_receipt_header_count Property

The number of headers in the MDN.

Syntax

def get_mdn_receipt_header_count() -> int: ...

mdn_receipt_header_count = property(get_mdn_receipt_header_count, None)

Default Value

0

Remarks

The number of headers in the MDN.

This property is read-only.

mdn_receipt_header_field Property

The property name of the MDN header currently selected by HeaderIndex .

Syntax

def get_mdn_receipt_header_field() -> str: ...

mdn_receipt_header_field = property(get_mdn_receipt_header_field, None)

Default Value

""

Remarks

The field name of the MDN header currently selected by mdn_receipt_header_index.

This property is read-only.

mdn_receipt_header_index Property

Which MDN header is currently selected to populate HeaderField and HeaderValue .

Syntax

def get_mdn_receipt_header_index() -> int: ...
def set_mdn_receipt_header_index(value: int) -> None: ...

mdn_receipt_header_index = property(get_mdn_receipt_header_index, set_mdn_receipt_header_index)

Default Value

0

Remarks

Which MDN header is currently selected to populate mdn_receipt_header_field and mdn_receipt_header_value.

Valid values are 0 to mdn_receipt_header_count - 1.

mdn_receipt_headers Property

Headers contains all of the headers of the AS2 MDN Receipt as a single string.

Syntax

def get_mdn_receipt_headers() -> str: ...
def set_mdn_receipt_headers(value: str) -> None: ...

mdn_receipt_headers = property(get_mdn_receipt_headers, set_mdn_receipt_headers)

Default Value

""

Remarks

Headers contains all of the headers of the AS2 MDN Receipt as a single string. This will include headers such as AS2-From, AS2-To, Date, Content-Type, etc. In an AS2Sender, these will also contain the transport headers of the MDN Receipt (HTTP or SMTP headers, depending on the delivery option).

You can also use mdn_receipt_header_count, mdn_receipt_header_index, mdn_receipt_header_field, and mdn_receipt_header_value to easily iterate through each individual header.

mdn_receipt_header_value Property

The value of the MDN header currently selected by HeaderIndex .

Syntax

def get_mdn_receipt_header_value() -> str: ...

mdn_receipt_header_value = property(get_mdn_receipt_header_value, None)

Default Value

""

Remarks

The value of the MDN header currently selected by mdn_receipt_header_index.

This property is read-only.

mdn_receipt_mdn Property

MDN will contain the entire machine readable text of the Message Disposition Notification in the receipt.

Syntax

def get_mdn_receipt_mdn() -> str: ...

mdn_receipt_mdn = property(get_mdn_receipt_mdn, None)

Default Value

""

Remarks

MDN will contain the entire machine readable text of the Message Disposition Notification in the receipt. It will report either success or failure depending on the processing status of the receiver. In either case, it will be RFC-compliant.

This property is read-only.

mdn_receipt_message Property

The human-readable portion of the MDN receipt.

Syntax

def get_mdn_receipt_message() -> str: ...

mdn_receipt_message = property(get_mdn_receipt_message, None)

Default Value

""

Remarks

The human-readable portion of the MDN receipt.

The human-readable portion of the MDN receipt that indicates the status of the message processing. This can be used to provide the user with a helpful message in the event that an error is encountered.

This property is read-only.

mdn_receipt_mic_value Property

The Message Integrity Check(s) (one-way hash) of the original EDI message.

Syntax

def get_mdn_receipt_mic_value() -> str: ...

mdn_receipt_mic_value = property(get_mdn_receipt_mic_value, None)

Default Value

""

Remarks

The Message Integrity Check(s) (one-way hash) of the original EDI message.

An MDN Receipt contains a MIC calculated over the EDI message that the receipt is in response to, to be matched on the sender side against a saved value for the original request to ensure that the integrity of the data that the receiver reports is preserved. When a signed receipt is requested, the MIC is be calculated using the algorithm used on the incoming message's signature, or SHA-1 if the incoming message is not signed.

The MIC will be base64 encoded and reported with the algorithm name as specified in RFC 3335; e.g., "w7AguNJEmhF/qIjJw6LnnA==, md5".

This property is read-only.

mdn_receipt_signing_protocol Property

This property contains the MIME type of the signature used, if any (i.

Syntax

def get_mdn_receipt_signing_protocol() -> str: ...

mdn_receipt_signing_protocol = property(get_mdn_receipt_signing_protocol, None)

Default Value

""

Remarks

This property contains the MIME type of the signature used, if any (i.e., "application/pkcs7-signature"), to create this MDNReceipt. It will contain an empty string if the receipt is unsigned.

This property is read-only.

mdn_to Property

Used to indicate that a message disposition notification is requested.

Syntax

def get_mdn_to() -> str: ...
def set_mdn_to(value: str) -> None: ...

mdn_to = property(get_mdn_to, set_mdn_to)

Default Value

""

Remarks

If this property is set, a Disposition-Notification-To header will be added to the request, and an MDN will be requested. The value may be an email address, URL, etc., and while its presence is used to determine whether or not an MDN is sent, the value itself will typically be ignored by the server.

By default, the class will request a PKCS#7 signature and synchronous delivery. You may set mdn_delivery_option to request an asynchronous MDN, and you may set mdn_options to request a different type of signature, or no signature at all.

message_id Property

The Id of the message.

Syntax

def get_message_id() -> str: ...
def set_message_id(value: str) -> None: ...

message_id = property(get_message_id, set_message_id)

Default Value

""

Remarks

The Id format is as in RFC 2822: id-left@id-right .

A unique Id will automatically be generated on startup. Sending a message will reset id-left if the MessageId has been used in the previous message.

If you set message_id to a string of the form "@(id-right)" a unique id-left will be generated. If you set message_id to an empty string, a new message_id will be generated with the same id-right.

After an mdn_receipt is returned or set, message_id will contain the Original-Message-ID found in the MDN Receipt.

original_content_mic Property

The Message Integrity Check(s) (one-way hash) of the outgoing message.

Syntax

def get_original_content_mic() -> str: ...
def set_original_content_mic(value: str) -> None: ...

original_content_mic = property(get_original_content_mic, set_original_content_mic)

Default Value

""

Remarks

A MIC will be calculated over the outgoing message using the same algorithm in the signature_algorithm configuration used to sign the message. The property will be set when post (in AS3, send) is invoked, and the MIC will automatically be checked against the Original-Content-MIC in the MDN for synchronous MDNs.

The format is in RFC 3335, i.e. "w7AguNJEmhF/qIjJw6LnnA==, md5", with a newline at the end.

If you are requesting an asynchronous MDN, you must save this value externally so that it can be loaded when the MDN is received (you may also use async_mdn_info_dir).

proxy_auth_scheme Property

The type of authorization to perform when connecting to the proxy.

Syntax

def get_proxy_auth_scheme() -> int: ...
def set_proxy_auth_scheme(value: int) -> None: ...

proxy_auth_scheme = property(get_proxy_auth_scheme, set_proxy_auth_scheme)

Default Value

0

Remarks

The type of authorization to perform when connecting to the proxy. This is used only when the proxy_user and proxy_password properties are set.

proxy_auth_scheme should be set to authNone (3) when no authentication is expected.

By default, proxy_auth_scheme is authBasic (0), and if the proxy_user and proxy_password properties are set, the class will attempt basic authentication.

If proxy_auth_scheme is set to authDigest (1), digest authentication will be attempted instead.

If proxy_auth_scheme is set to authProprietary (2), then the authorization token will not be generated by the class. Look at the configuration file for the class being used to find more information about manually setting this token.

If proxy_auth_scheme is set to authNtlm (4), NTLM authentication will be used.

For security reasons, setting this property will clear the values of proxy_user and proxy_password.

proxy_auto_detect Property

Whether to automatically detect and use proxy system settings, if available.

Syntax

def get_proxy_auto_detect() -> bool: ...
def set_proxy_auto_detect(value: bool) -> None: ...

proxy_auto_detect = property(get_proxy_auto_detect, set_proxy_auto_detect)

Default Value

FALSE

Remarks

Whether to automatically detect and use proxy system settings, if available. The default value is False.

proxy_password Property

A password if authentication is to be used for the proxy.

Syntax

def get_proxy_password() -> str: ...
def set_proxy_password(value: str) -> None: ...

proxy_password = property(get_proxy_password, set_proxy_password)

Default Value

""

Remarks

A password if authentication is to be used for the proxy.

If proxy_auth_scheme is set to Basic Authentication, the proxy_user and proxy_password properties are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If proxy_auth_scheme is set to Digest Authentication, the proxy_user and proxy_password properties are used to respond to the Digest Authentication challenge from the server.

If proxy_auth_scheme is set to NTLM Authentication, the proxy_user and proxy_password properties are used to authenticate through NTLM negotiation.

proxy_port Property

The Transmission Control Protocol (TCP) port for the proxy Server (default 80).

Syntax

def get_proxy_port() -> int: ...
def set_proxy_port(value: int) -> None: ...

proxy_port = property(get_proxy_port, set_proxy_port)

Default Value

80

Remarks

The Transmission Control Protocol (TCP) port for the proxy proxy_server (default 80). See the description of the proxy_server property for details.

proxy_server Property

If a proxy Server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

Syntax

def get_proxy_server() -> str: ...
def set_proxy_server(value: str) -> None: ...

proxy_server = property(get_proxy_server, set_proxy_server)

Default Value

""

Remarks

If a proxy proxy_server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

If the proxy_server property is set to a domain name, a DNS request is initiated. Upon successful termination of the request, the proxy_server property is set to the corresponding address. If the search is not successful, an error is returned.

proxy_ssl Property

When to use a Secure Sockets Layer (SSL) for the connection to the proxy.

Syntax

def get_proxy_ssl() -> int: ...
def set_proxy_ssl(value: int) -> None: ...

proxy_ssl = property(get_proxy_ssl, set_proxy_ssl)

Default Value

0

Remarks

When to use a Secure Sockets Layer (SSL) for the connection to the proxy. The applicable values are as follows:

proxy_user Property

A username if authentication is to be used for the proxy.

Syntax

def get_proxy_user() -> str: ...
def set_proxy_user(value: str) -> None: ...

proxy_user = property(get_proxy_user, set_proxy_user)

Default Value

""

Remarks

A username if authentication is to be used for the proxy.

If proxy_auth_scheme is set to Basic Authentication, the proxy_user and proxy_password properties are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If proxy_auth_scheme is set to Digest Authentication, the proxy_user and proxy_password properties are used to respond to the Digest Authentication challenge from the server.

If proxy_auth_scheme is set to NTLM Authentication, the proxy_user and proxy_password properties are used to authenticate through NTLM negotiation.

receipt_signer_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_receipt_signer_cert_store() -> bytes: ...
def set_receipt_signer_cert_store(value: bytes) -> None: ...

receipt_signer_cert_store = property(get_receipt_signer_cert_store, set_receipt_signer_cert_store)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The receipt_signer_cert_store_type property denotes the type of the certificate store specified by receipt_signer_cert_store. If the store is password-protected, specify the password in receipt_signer_cert_store_password.

receipt_signer_cert_store is used in conjunction with the receipt_signer_cert_subject property to specify client certificates. If receipt_signer_cert_store has a value, and receipt_signer_cert_subject or receipt_signer_cert_encoded is set, a search for a certificate is initiated. Please see the receipt_signer_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

receipt_signer_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_receipt_signer_cert_store_password() -> str: ...
def set_receipt_signer_cert_store_password(value: str) -> None: ...

receipt_signer_cert_store_password = property(get_receipt_signer_cert_store_password, set_receipt_signer_cert_store_password)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

receipt_signer_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_receipt_signer_cert_store_type() -> int: ...
def set_receipt_signer_cert_store_type(value: int) -> None: ...

receipt_signer_cert_store_type = property(get_receipt_signer_cert_store_type, set_receipt_signer_cert_store_type)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

receipt_signer_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_receipt_signer_cert_subject() -> str: ...
def set_receipt_signer_cert_subject(value: str) -> None: ...

receipt_signer_cert_subject = property(get_receipt_signer_cert_subject, set_receipt_signer_cert_subject)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

receipt_signer_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_receipt_signer_cert_encoded() -> bytes: ...
def set_receipt_signer_cert_encoded(value: bytes) -> None: ...

receipt_signer_cert_encoded = property(get_receipt_signer_cert_encoded, set_receipt_signer_cert_encoded)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The receipt_signer_cert_store and receipt_signer_cert_subject properties also may be used to specify a certificate.

When receipt_signer_cert_encoded is set, a search is initiated in the current receipt_signer_cert_store for the private key of the certificate. If the key is found, receipt_signer_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, receipt_signer_cert_subject is set to an empty string.

recipient_cert_count Property

The number of records in the RecipientCert arrays.

Syntax

def get_recipient_cert_count() -> int: ...
def set_recipient_cert_count(value: int) -> None: ...

recipient_cert_count = property(get_recipient_cert_count, set_recipient_cert_count)

Default Value

0

Remarks

This property controls the size of the following arrays:

• recipient_cert_encoded
• recipient_cert_store
• recipient_cert_store_password
• recipient_cert_store_type
• recipient_cert_subject

The array indices start at 0 and end at recipient_cert_count - 1.

recipient_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_recipient_cert_store(recipient_cert_index: int) -> bytes: ...
def set_recipient_cert_store(recipient_cert_index: int, value: bytes) -> None: ...

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The recipient_cert_store_type property denotes the type of the certificate store specified by recipient_cert_store. If the store is password-protected, specify the password in recipient_cert_store_password.

recipient_cert_store is used in conjunction with the recipient_cert_subject property to specify client certificates. If recipient_cert_store has a value, and recipient_cert_subject or recipient_cert_encoded is set, a search for a certificate is initiated. Please see the recipient_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

The recipient_cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the recipient_cert_count property.

recipient_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_recipient_cert_store_password(recipient_cert_index: int) -> str: ...
def set_recipient_cert_store_password(recipient_cert_index: int, value: str) -> None: ...

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

The recipient_cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the recipient_cert_count property.

recipient_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_recipient_cert_store_type(recipient_cert_index: int) -> int: ...
def set_recipient_cert_store_type(recipient_cert_index: int, value: int) -> None: ...

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

The recipient_cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the recipient_cert_count property.

recipient_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_recipient_cert_subject(recipient_cert_index: int) -> str: ...
def set_recipient_cert_subject(recipient_cert_index: int, value: str) -> None: ...

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

The recipient_cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the recipient_cert_count property.

recipient_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_recipient_cert_encoded(recipient_cert_index: int) -> bytes: ...
def set_recipient_cert_encoded(recipient_cert_index: int, value: bytes) -> None: ...

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The recipient_cert_store and recipient_cert_subject properties also may be used to specify a certificate.

When recipient_cert_encoded is set, a search is initiated in the current recipient_cert_store for the private key of the certificate. If the key is found, recipient_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, recipient_cert_subject is set to an empty string.

The recipient_cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the recipient_cert_count property.

restart_directory Property

The directory to log cached files when using AS2 restart functionality.

Syntax

def get_restart_directory() -> str: ...
def set_restart_directory(value: str) -> None: ...

restart_directory = property(get_restart_directory, set_restart_directory)

Default Value

""

Remarks

If this property is set, the class will cache all data to the restart_directory. Thus, when sending a file is interrupted, the class can restart the transmission of the file starting where it was interrupted.

To use this functionality, simply set the restart_directory and call restart.

When using restart functionality, the data is completely processed to the restart_directory before sending begins.

NOTE: This directory will not automatically be cleaned up.

rollover_signing_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_rollover_signing_cert_store() -> bytes: ...
def set_rollover_signing_cert_store(value: bytes) -> None: ...

rollover_signing_cert_store = property(get_rollover_signing_cert_store, set_rollover_signing_cert_store)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The rollover_signing_cert_store_type property denotes the type of the certificate store specified by rollover_signing_cert_store. If the store is password-protected, specify the password in rollover_signing_cert_store_password.

rollover_signing_cert_store is used in conjunction with the rollover_signing_cert_subject property to specify client certificates. If rollover_signing_cert_store has a value, and rollover_signing_cert_subject or rollover_signing_cert_encoded is set, a search for a certificate is initiated. Please see the rollover_signing_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

rollover_signing_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_rollover_signing_cert_store_password() -> str: ...
def set_rollover_signing_cert_store_password(value: str) -> None: ...

rollover_signing_cert_store_password = property(get_rollover_signing_cert_store_password, set_rollover_signing_cert_store_password)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

rollover_signing_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_rollover_signing_cert_store_type() -> int: ...
def set_rollover_signing_cert_store_type(value: int) -> None: ...

rollover_signing_cert_store_type = property(get_rollover_signing_cert_store_type, set_rollover_signing_cert_store_type)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

rollover_signing_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_rollover_signing_cert_subject() -> str: ...
def set_rollover_signing_cert_subject(value: str) -> None: ...

rollover_signing_cert_subject = property(get_rollover_signing_cert_subject, set_rollover_signing_cert_subject)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

rollover_signing_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_rollover_signing_cert_encoded() -> bytes: ...
def set_rollover_signing_cert_encoded(value: bytes) -> None: ...

rollover_signing_cert_encoded = property(get_rollover_signing_cert_encoded, set_rollover_signing_cert_encoded)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The rollover_signing_cert_store and rollover_signing_cert_subject properties also may be used to specify a certificate.

When rollover_signing_cert_encoded is set, a search is initiated in the current rollover_signing_cert_store for the private key of the certificate. If the key is found, rollover_signing_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, rollover_signing_cert_subject is set to an empty string.

signature_algorithm Property

Signature algorithm to be used in outgoing messages.

Syntax

def get_signature_algorithm() -> str: ...
def set_signature_algorithm(value: str) -> None: ...

signature_algorithm = property(get_signature_algorithm, set_signature_algorithm)

Default Value

"sha-256"

Remarks

Signature Algorithm can be set to indicate the preferred signing algorithm. Possible values are:

• sha1
• md5
• sha-256 (or sha256) (default)
• sha-384 (or sha384)
• sha-512 (or sha512)
• sha-224 (or sha224)

The default value is "sha-256". When this property is set the mdn_options property is automatically updated to request the MDN receipt be signed with the same algorithm.

signing_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_signing_cert_store() -> bytes: ...
def set_signing_cert_store(value: bytes) -> None: ...

signing_cert_store = property(get_signing_cert_store, set_signing_cert_store)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The signing_cert_store_type property denotes the type of the certificate store specified by signing_cert_store. If the store is password-protected, specify the password in signing_cert_store_password.

signing_cert_store is used in conjunction with the signing_cert_subject property to specify client certificates. If signing_cert_store has a value, and signing_cert_subject or signing_cert_encoded is set, a search for a certificate is initiated. Please see the signing_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

signing_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_signing_cert_store_password() -> str: ...
def set_signing_cert_store_password(value: str) -> None: ...

signing_cert_store_password = property(get_signing_cert_store_password, set_signing_cert_store_password)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

signing_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_signing_cert_store_type() -> int: ...
def set_signing_cert_store_type(value: int) -> None: ...

signing_cert_store_type = property(get_signing_cert_store_type, set_signing_cert_store_type)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

signing_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_signing_cert_subject() -> str: ...
def set_signing_cert_subject(value: str) -> None: ...

signing_cert_subject = property(get_signing_cert_subject, set_signing_cert_subject)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

signing_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_signing_cert_encoded() -> bytes: ...
def set_signing_cert_encoded(value: bytes) -> None: ...

signing_cert_encoded = property(get_signing_cert_encoded, set_signing_cert_encoded)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The signing_cert_store and signing_cert_subject properties also may be used to specify a certificate.

When signing_cert_encoded is set, a search is initiated in the current signing_cert_store for the private key of the certificate. If the key is found, signing_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, signing_cert_subject is set to an empty string.

ssl_accept_server_cert_effective_date Property

The date on which this certificate becomes valid.

Syntax

def get_ssl_accept_server_cert_effective_date() -> str: ...

ssl_accept_server_cert_effective_date = property(get_ssl_accept_server_cert_effective_date, None)

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

ssl_accept_server_cert_expiration_date Property

The date on which the certificate expires.

Syntax

def get_ssl_accept_server_cert_expiration_date() -> str: ...

ssl_accept_server_cert_expiration_date = property(get_ssl_accept_server_cert_expiration_date, None)

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

ssl_accept_server_cert_extended_key_usage Property

A comma-delimited list of extended key usage identifiers.

Syntax

def get_ssl_accept_server_cert_extended_key_usage() -> str: ...

ssl_accept_server_cert_extended_key_usage = property(get_ssl_accept_server_cert_extended_key_usage, None)

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

ssl_accept_server_cert_fingerprint Property

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

def get_ssl_accept_server_cert_fingerprint() -> str: ...

ssl_accept_server_cert_fingerprint = property(get_ssl_accept_server_cert_fingerprint, None)

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

ssl_accept_server_cert_fingerprint_sha1 Property

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

def get_ssl_accept_server_cert_fingerprint_sha1() -> str: ...

ssl_accept_server_cert_fingerprint_sha1 = property(get_ssl_accept_server_cert_fingerprint_sha1, None)

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

ssl_accept_server_cert_fingerprint_sha256 Property

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

def get_ssl_accept_server_cert_fingerprint_sha256() -> str: ...

ssl_accept_server_cert_fingerprint_sha256 = property(get_ssl_accept_server_cert_fingerprint_sha256, None)

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

ssl_accept_server_cert_issuer Property

The issuer of the certificate.

Syntax

def get_ssl_accept_server_cert_issuer() -> str: ...

ssl_accept_server_cert_issuer = property(get_ssl_accept_server_cert_issuer, None)

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

ssl_accept_server_cert_private_key Property

The private key of the certificate (if available).

Syntax

def get_ssl_accept_server_cert_private_key() -> str: ...

ssl_accept_server_cert_private_key = property(get_ssl_accept_server_cert_private_key, None)

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The ssl_accept_server_cert_private_key may be available but not exportable. In this case, ssl_accept_server_cert_private_key returns an empty string.

This property is read-only.

ssl_accept_server_cert_private_key_available Property

Whether a PrivateKey is available for the selected certificate.

Syntax

def get_ssl_accept_server_cert_private_key_available() -> bool: ...

ssl_accept_server_cert_private_key_available = property(get_ssl_accept_server_cert_private_key_available, None)

Default Value

FALSE

Remarks

Whether a ssl_accept_server_cert_private_key is available for the selected certificate. If ssl_accept_server_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

ssl_accept_server_cert_private_key_container Property

The name of the PrivateKey container for the certificate (if available).

Syntax

def get_ssl_accept_server_cert_private_key_container() -> str: ...

ssl_accept_server_cert_private_key_container = property(get_ssl_accept_server_cert_private_key_container, None)

Default Value

""

Remarks

The name of the ssl_accept_server_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

ssl_accept_server_cert_public_key Property

The public key of the certificate.

Syntax

def get_ssl_accept_server_cert_public_key() -> str: ...

ssl_accept_server_cert_public_key = property(get_ssl_accept_server_cert_public_key, None)

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

ssl_accept_server_cert_public_key_algorithm Property

The textual description of the certificate's public key algorithm.

Syntax

def get_ssl_accept_server_cert_public_key_algorithm() -> str: ...

ssl_accept_server_cert_public_key_algorithm = property(get_ssl_accept_server_cert_public_key_algorithm, None)

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_accept_server_cert_public_key_length Property

The length of the certificate's public key (in bits).

Syntax

def get_ssl_accept_server_cert_public_key_length() -> int: ...

ssl_accept_server_cert_public_key_length = property(get_ssl_accept_server_cert_public_key_length, None)

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

ssl_accept_server_cert_serial_number Property

The serial number of the certificate encoded as a string.

Syntax

def get_ssl_accept_server_cert_serial_number() -> str: ...

ssl_accept_server_cert_serial_number = property(get_ssl_accept_server_cert_serial_number, None)

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

ssl_accept_server_cert_signature_algorithm Property

The text description of the certificate's signature algorithm.

Syntax

def get_ssl_accept_server_cert_signature_algorithm() -> str: ...

ssl_accept_server_cert_signature_algorithm = property(get_ssl_accept_server_cert_signature_algorithm, None)

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_accept_server_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_ssl_accept_server_cert_store() -> bytes: ...
def set_ssl_accept_server_cert_store(value: bytes) -> None: ...

ssl_accept_server_cert_store = property(get_ssl_accept_server_cert_store, set_ssl_accept_server_cert_store)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The ssl_accept_server_cert_store_type property denotes the type of the certificate store specified by ssl_accept_server_cert_store. If the store is password-protected, specify the password in ssl_accept_server_cert_store_password.

ssl_accept_server_cert_store is used in conjunction with the ssl_accept_server_cert_subject property to specify client certificates. If ssl_accept_server_cert_store has a value, and ssl_accept_server_cert_subject or ssl_accept_server_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_accept_server_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

ssl_accept_server_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_ssl_accept_server_cert_store_password() -> str: ...
def set_ssl_accept_server_cert_store_password(value: str) -> None: ...

ssl_accept_server_cert_store_password = property(get_ssl_accept_server_cert_store_password, set_ssl_accept_server_cert_store_password)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

ssl_accept_server_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_ssl_accept_server_cert_store_type() -> int: ...
def set_ssl_accept_server_cert_store_type(value: int) -> None: ...

ssl_accept_server_cert_store_type = property(get_ssl_accept_server_cert_store_type, set_ssl_accept_server_cert_store_type)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

ssl_accept_server_cert_subject_alt_names Property

Comma-separated lists of alternative subject names for the certificate.

Syntax

def get_ssl_accept_server_cert_subject_alt_names() -> str: ...

ssl_accept_server_cert_subject_alt_names = property(get_ssl_accept_server_cert_subject_alt_names, None)

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

ssl_accept_server_cert_thumbprint_md5 Property

The MD5 hash of the certificate.

Syntax

def get_ssl_accept_server_cert_thumbprint_md5() -> str: ...

ssl_accept_server_cert_thumbprint_md5 = property(get_ssl_accept_server_cert_thumbprint_md5, None)

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_accept_server_cert_thumbprint_sha1 Property

The SHA-1 hash of the certificate.

Syntax

def get_ssl_accept_server_cert_thumbprint_sha1() -> str: ...

ssl_accept_server_cert_thumbprint_sha1 = property(get_ssl_accept_server_cert_thumbprint_sha1, None)

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_accept_server_cert_thumbprint_sha256 Property

The SHA-256 hash of the certificate.

Syntax

def get_ssl_accept_server_cert_thumbprint_sha256() -> str: ...

ssl_accept_server_cert_thumbprint_sha256 = property(get_ssl_accept_server_cert_thumbprint_sha256, None)

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_accept_server_cert_usage Property

The text description of UsageFlags .

Syntax

def get_ssl_accept_server_cert_usage() -> str: ...

ssl_accept_server_cert_usage = property(get_ssl_accept_server_cert_usage, None)

Default Value

""

Remarks

The text description of ssl_accept_server_cert_usage_flags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

ssl_accept_server_cert_usage_flags Property

The flags that show intended use for the certificate.

Syntax

def get_ssl_accept_server_cert_usage_flags() -> int: ...

ssl_accept_server_cert_usage_flags = property(get_ssl_accept_server_cert_usage_flags, None)

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of ssl_accept_server_cert_usage_flags is a combination of the following flags:

Please see the ssl_accept_server_cert_usage property for a text representation of ssl_accept_server_cert_usage_flags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

ssl_accept_server_cert_version Property

The certificate's version number.

Syntax

def get_ssl_accept_server_cert_version() -> str: ...

ssl_accept_server_cert_version = property(get_ssl_accept_server_cert_version, None)

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

ssl_accept_server_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_ssl_accept_server_cert_subject() -> str: ...
def set_ssl_accept_server_cert_subject(value: str) -> None: ...

ssl_accept_server_cert_subject = property(get_ssl_accept_server_cert_subject, set_ssl_accept_server_cert_subject)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

ssl_accept_server_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_ssl_accept_server_cert_encoded() -> bytes: ...
def set_ssl_accept_server_cert_encoded(value: bytes) -> None: ...

ssl_accept_server_cert_encoded = property(get_ssl_accept_server_cert_encoded, set_ssl_accept_server_cert_encoded)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_accept_server_cert_store and ssl_accept_server_cert_subject properties also may be used to specify a certificate.

When ssl_accept_server_cert_encoded is set, a search is initiated in the current ssl_accept_server_cert_store for the private key of the certificate. If the key is found, ssl_accept_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_accept_server_cert_subject is set to an empty string.

ssl_cert_effective_date Property

The date on which this certificate becomes valid.

Syntax

def get_ssl_cert_effective_date() -> str: ...

ssl_cert_effective_date = property(get_ssl_cert_effective_date, None)

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

ssl_cert_expiration_date Property

The date on which the certificate expires.

Syntax

def get_ssl_cert_expiration_date() -> str: ...

ssl_cert_expiration_date = property(get_ssl_cert_expiration_date, None)

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

ssl_cert_extended_key_usage Property

A comma-delimited list of extended key usage identifiers.

Syntax

def get_ssl_cert_extended_key_usage() -> str: ...

ssl_cert_extended_key_usage = property(get_ssl_cert_extended_key_usage, None)

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

ssl_cert_fingerprint Property

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

def get_ssl_cert_fingerprint() -> str: ...

ssl_cert_fingerprint = property(get_ssl_cert_fingerprint, None)

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

ssl_cert_fingerprint_sha1 Property

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

def get_ssl_cert_fingerprint_sha1() -> str: ...

ssl_cert_fingerprint_sha1 = property(get_ssl_cert_fingerprint_sha1, None)

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

ssl_cert_fingerprint_sha256 Property

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

def get_ssl_cert_fingerprint_sha256() -> str: ...

ssl_cert_fingerprint_sha256 = property(get_ssl_cert_fingerprint_sha256, None)

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

ssl_cert_issuer Property

The issuer of the certificate.

Syntax

def get_ssl_cert_issuer() -> str: ...

ssl_cert_issuer = property(get_ssl_cert_issuer, None)

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

ssl_cert_private_key Property

The private key of the certificate (if available).

Syntax

def get_ssl_cert_private_key() -> str: ...

ssl_cert_private_key = property(get_ssl_cert_private_key, None)

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The ssl_cert_private_key may be available but not exportable. In this case, ssl_cert_private_key returns an empty string.

This property is read-only.

ssl_cert_private_key_available Property

Whether a PrivateKey is available for the selected certificate.

Syntax

def get_ssl_cert_private_key_available() -> bool: ...

ssl_cert_private_key_available = property(get_ssl_cert_private_key_available, None)

Default Value

FALSE

Remarks

Whether a ssl_cert_private_key is available for the selected certificate. If ssl_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

ssl_cert_private_key_container Property

The name of the PrivateKey container for the certificate (if available).

Syntax

def get_ssl_cert_private_key_container() -> str: ...

ssl_cert_private_key_container = property(get_ssl_cert_private_key_container, None)

Default Value

""

Remarks

The name of the ssl_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

ssl_cert_public_key Property

The public key of the certificate.

Syntax

def get_ssl_cert_public_key() -> str: ...

ssl_cert_public_key = property(get_ssl_cert_public_key, None)

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

ssl_cert_public_key_algorithm Property

The textual description of the certificate's public key algorithm.

Syntax

def get_ssl_cert_public_key_algorithm() -> str: ...

ssl_cert_public_key_algorithm = property(get_ssl_cert_public_key_algorithm, None)

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_cert_public_key_length Property

The length of the certificate's public key (in bits).

Syntax

def get_ssl_cert_public_key_length() -> int: ...

ssl_cert_public_key_length = property(get_ssl_cert_public_key_length, None)

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

ssl_cert_serial_number Property

The serial number of the certificate encoded as a string.

Syntax

def get_ssl_cert_serial_number() -> str: ...

ssl_cert_serial_number = property(get_ssl_cert_serial_number, None)

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

ssl_cert_signature_algorithm Property

The text description of the certificate's signature algorithm.

Syntax

def get_ssl_cert_signature_algorithm() -> str: ...

ssl_cert_signature_algorithm = property(get_ssl_cert_signature_algorithm, None)

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_ssl_cert_store() -> bytes: ...
def set_ssl_cert_store(value: bytes) -> None: ...

ssl_cert_store = property(get_ssl_cert_store, set_ssl_cert_store)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The ssl_cert_store_type property denotes the type of the certificate store specified by ssl_cert_store. If the store is password-protected, specify the password in ssl_cert_store_password.

ssl_cert_store is used in conjunction with the ssl_cert_subject property to specify client certificates. If ssl_cert_store has a value, and ssl_cert_subject or ssl_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

ssl_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_ssl_cert_store_password() -> str: ...
def set_ssl_cert_store_password(value: str) -> None: ...

ssl_cert_store_password = property(get_ssl_cert_store_password, set_ssl_cert_store_password)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

ssl_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_ssl_cert_store_type() -> int: ...
def set_ssl_cert_store_type(value: int) -> None: ...

ssl_cert_store_type = property(get_ssl_cert_store_type, set_ssl_cert_store_type)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

ssl_cert_subject_alt_names Property

Comma-separated lists of alternative subject names for the certificate.

Syntax

def get_ssl_cert_subject_alt_names() -> str: ...

ssl_cert_subject_alt_names = property(get_ssl_cert_subject_alt_names, None)

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

ssl_cert_thumbprint_md5 Property

The MD5 hash of the certificate.

Syntax

def get_ssl_cert_thumbprint_md5() -> str: ...

ssl_cert_thumbprint_md5 = property(get_ssl_cert_thumbprint_md5, None)

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_cert_thumbprint_sha1 Property

The SHA-1 hash of the certificate.

Syntax

def get_ssl_cert_thumbprint_sha1() -> str: ...

ssl_cert_thumbprint_sha1 = property(get_ssl_cert_thumbprint_sha1, None)

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_cert_thumbprint_sha256 Property

The SHA-256 hash of the certificate.

Syntax

def get_ssl_cert_thumbprint_sha256() -> str: ...

ssl_cert_thumbprint_sha256 = property(get_ssl_cert_thumbprint_sha256, None)

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_cert_usage Property

The text description of UsageFlags .

Syntax

def get_ssl_cert_usage() -> str: ...

ssl_cert_usage = property(get_ssl_cert_usage, None)

Default Value

""

Remarks

The text description of ssl_cert_usage_flags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

ssl_cert_usage_flags Property

The flags that show intended use for the certificate.

Syntax

def get_ssl_cert_usage_flags() -> int: ...

ssl_cert_usage_flags = property(get_ssl_cert_usage_flags, None)

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of ssl_cert_usage_flags is a combination of the following flags:

Please see the ssl_cert_usage property for a text representation of ssl_cert_usage_flags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

ssl_cert_version Property

The certificate's version number.

Syntax

def get_ssl_cert_version() -> str: ...

ssl_cert_version = property(get_ssl_cert_version, None)

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

ssl_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_ssl_cert_subject() -> str: ...
def set_ssl_cert_subject(value: str) -> None: ...

ssl_cert_subject = property(get_ssl_cert_subject, set_ssl_cert_subject)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

ssl_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_ssl_cert_encoded() -> bytes: ...
def set_ssl_cert_encoded(value: bytes) -> None: ...

ssl_cert_encoded = property(get_ssl_cert_encoded, set_ssl_cert_encoded)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_cert_store and ssl_cert_subject properties also may be used to specify a certificate.

When ssl_cert_encoded is set, a search is initiated in the current ssl_cert_store for the private key of the certificate. If the key is found, ssl_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_cert_subject is set to an empty string.

ssl_provider Property

The Secure Sockets Layer/Transport Layer Security (SSL/TLS) implementation to use.

Syntax

def get_ssl_provider() -> int: ...
def set_ssl_provider(value: int) -> None: ...

ssl_provider = property(get_ssl_provider, set_ssl_provider)

Default Value

0

Remarks

This property specifies the SSL/TLS implementation to use. In most cases the default value of 0 (Automatic) is recommended and should not be changed. When set to 0 (Automatic), the class will select whether to use the platform implementation or the internal implementation depending on the operating system as well as the TLS version being used.

Possible values are as follows:

In most cases using the default value (Automatic) is recommended. The class will select a provider depending on the current platform.

When Automatic is selected, on Windows, the class will use the platform implementation. On Linux/macOS, the class will use the internal implementation. When TLS 1.3 is enabled via SSLEnabledProtocols, the internal implementation is used on all platforms.

ssl_server_cert_effective_date Property

The date on which this certificate becomes valid.

Syntax

def get_ssl_server_cert_effective_date() -> str: ...

ssl_server_cert_effective_date = property(get_ssl_server_cert_effective_date, None)

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

ssl_server_cert_expiration_date Property

The date on which the certificate expires.

Syntax

def get_ssl_server_cert_expiration_date() -> str: ...

ssl_server_cert_expiration_date = property(get_ssl_server_cert_expiration_date, None)

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

ssl_server_cert_extended_key_usage Property

A comma-delimited list of extended key usage identifiers.

Syntax

def get_ssl_server_cert_extended_key_usage() -> str: ...

ssl_server_cert_extended_key_usage = property(get_ssl_server_cert_extended_key_usage, None)

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

ssl_server_cert_fingerprint Property

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

def get_ssl_server_cert_fingerprint() -> str: ...

ssl_server_cert_fingerprint = property(get_ssl_server_cert_fingerprint, None)

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

ssl_server_cert_fingerprint_sha1 Property

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

def get_ssl_server_cert_fingerprint_sha1() -> str: ...

ssl_server_cert_fingerprint_sha1 = property(get_ssl_server_cert_fingerprint_sha1, None)

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

ssl_server_cert_fingerprint_sha256 Property

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

def get_ssl_server_cert_fingerprint_sha256() -> str: ...

ssl_server_cert_fingerprint_sha256 = property(get_ssl_server_cert_fingerprint_sha256, None)

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

ssl_server_cert_issuer Property

The issuer of the certificate.

Syntax

def get_ssl_server_cert_issuer() -> str: ...

ssl_server_cert_issuer = property(get_ssl_server_cert_issuer, None)

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

ssl_server_cert_private_key Property

The private key of the certificate (if available).

Syntax

def get_ssl_server_cert_private_key() -> str: ...

ssl_server_cert_private_key = property(get_ssl_server_cert_private_key, None)

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The ssl_server_cert_private_key may be available but not exportable. In this case, ssl_server_cert_private_key returns an empty string.

This property is read-only.

ssl_server_cert_private_key_available Property

Whether a PrivateKey is available for the selected certificate.

Syntax

def get_ssl_server_cert_private_key_available() -> bool: ...

ssl_server_cert_private_key_available = property(get_ssl_server_cert_private_key_available, None)

Default Value

FALSE

Remarks

Whether a ssl_server_cert_private_key is available for the selected certificate. If ssl_server_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

ssl_server_cert_private_key_container Property

The name of the PrivateKey container for the certificate (if available).

Syntax

def get_ssl_server_cert_private_key_container() -> str: ...

ssl_server_cert_private_key_container = property(get_ssl_server_cert_private_key_container, None)

Default Value

""

Remarks

The name of the ssl_server_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

ssl_server_cert_public_key Property

The public key of the certificate.

Syntax

def get_ssl_server_cert_public_key() -> str: ...

ssl_server_cert_public_key = property(get_ssl_server_cert_public_key, None)

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

ssl_server_cert_public_key_algorithm Property

The textual description of the certificate's public key algorithm.

Syntax

def get_ssl_server_cert_public_key_algorithm() -> str: ...

ssl_server_cert_public_key_algorithm = property(get_ssl_server_cert_public_key_algorithm, None)

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_server_cert_public_key_length Property

The length of the certificate's public key (in bits).

Syntax

def get_ssl_server_cert_public_key_length() -> int: ...

ssl_server_cert_public_key_length = property(get_ssl_server_cert_public_key_length, None)

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

ssl_server_cert_serial_number Property

The serial number of the certificate encoded as a string.

Syntax

def get_ssl_server_cert_serial_number() -> str: ...

ssl_server_cert_serial_number = property(get_ssl_server_cert_serial_number, None)

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

ssl_server_cert_signature_algorithm Property

The text description of the certificate's signature algorithm.

Syntax

def get_ssl_server_cert_signature_algorithm() -> str: ...

ssl_server_cert_signature_algorithm = property(get_ssl_server_cert_signature_algorithm, None)

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_server_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_ssl_server_cert_store() -> bytes: ...

ssl_server_cert_store = property(get_ssl_server_cert_store, None)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The ssl_server_cert_store_type property denotes the type of the certificate store specified by ssl_server_cert_store. If the store is password-protected, specify the password in ssl_server_cert_store_password.

ssl_server_cert_store is used in conjunction with the ssl_server_cert_subject property to specify client certificates. If ssl_server_cert_store has a value, and ssl_server_cert_subject or ssl_server_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_server_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

This property is read-only.

ssl_server_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_ssl_server_cert_store_password() -> str: ...

ssl_server_cert_store_password = property(get_ssl_server_cert_store_password, None)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

This property is read-only.

ssl_server_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_ssl_server_cert_store_type() -> int: ...

ssl_server_cert_store_type = property(get_ssl_server_cert_store_type, None)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

This property is read-only.

ssl_server_cert_subject_alt_names Property

Comma-separated lists of alternative subject names for the certificate.

Syntax

def get_ssl_server_cert_subject_alt_names() -> str: ...

ssl_server_cert_subject_alt_names = property(get_ssl_server_cert_subject_alt_names, None)

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

ssl_server_cert_thumbprint_md5 Property

The MD5 hash of the certificate.

Syntax

def get_ssl_server_cert_thumbprint_md5() -> str: ...

ssl_server_cert_thumbprint_md5 = property(get_ssl_server_cert_thumbprint_md5, None)

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_server_cert_thumbprint_sha1 Property

The SHA-1 hash of the certificate.

Syntax

def get_ssl_server_cert_thumbprint_sha1() -> str: ...

ssl_server_cert_thumbprint_sha1 = property(get_ssl_server_cert_thumbprint_sha1, None)

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_server_cert_thumbprint_sha256 Property

The SHA-256 hash of the certificate.

Syntax

def get_ssl_server_cert_thumbprint_sha256() -> str: ...

ssl_server_cert_thumbprint_sha256 = property(get_ssl_server_cert_thumbprint_sha256, None)

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_server_cert_usage Property

The text description of UsageFlags .

Syntax

def get_ssl_server_cert_usage() -> str: ...

ssl_server_cert_usage = property(get_ssl_server_cert_usage, None)

Default Value

""

Remarks

The text description of ssl_server_cert_usage_flags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

ssl_server_cert_usage_flags Property

The flags that show intended use for the certificate.

Syntax

def get_ssl_server_cert_usage_flags() -> int: ...

ssl_server_cert_usage_flags = property(get_ssl_server_cert_usage_flags, None)

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of ssl_server_cert_usage_flags is a combination of the following flags:

Please see the ssl_server_cert_usage property for a text representation of ssl_server_cert_usage_flags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

ssl_server_cert_version Property

The certificate's version number.

Syntax

def get_ssl_server_cert_version() -> str: ...

ssl_server_cert_version = property(get_ssl_server_cert_version, None)

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

ssl_server_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_ssl_server_cert_subject() -> str: ...

ssl_server_cert_subject = property(get_ssl_server_cert_subject, None)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

This property is read-only.

ssl_server_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_ssl_server_cert_encoded() -> bytes: ...

ssl_server_cert_encoded = property(get_ssl_server_cert_encoded, None)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_server_cert_store and ssl_server_cert_subject properties also may be used to specify a certificate.

When ssl_server_cert_encoded is set, a search is initiated in the current ssl_server_cert_store for the private key of the certificate. If the key is found, ssl_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_server_cert_subject is set to an empty string.

This property is read-only.

subject Property

The subject of the message.

Syntax

def get_subject() -> str: ...
def set_subject(value: str) -> None: ...

subject = property(get_subject, set_subject)

Default Value

""

Remarks

The optional human-readable subject of the message. Some AS2 partners will use this field to send additional information about the transmission at the transport layer.

timeout Property

The timeout for the class.

Syntax

def get_timeout() -> int: ...
def set_timeout(value: int) -> None: ...

timeout = property(get_timeout, set_timeout)

Default Value

60

Remarks

If the timeout property is set to 0, all operations will run uninterrupted until successful completion or an error condition is encountered.

If timeout is set to a positive value, the class will wait for the operation to complete before returning control.

The class will use do_events to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not freeze and remains responsive.

If timeout expires, and the operation is not yet complete, the class fails with an error.

Note: By default, all timeouts are inactivity timeouts, that is, the timeout period is extended by timeout seconds when any amount of data is successfully sent or received.

The default value for the timeout property is 60 seconds.

url Property

The URL to which the request is made.

Syntax

def get_url() -> str: ...
def set_url(value: str) -> None: ...

url = property(get_url, set_url)

Default Value

""

Remarks

This property specifies the URL to which the request is made. SSL will be used if and only if the URL scheme is "https".

use_oaep Property

This property specifies whether or not to use Optimal Asymmetric Encryption Padding (OAEP).

Syntax

def get_use_oaep() -> bool: ...
def set_use_oaep(value: bool) -> None: ...

use_oaep = property(get_use_oaep, set_use_oaep)

Default Value

FALSE

Remarks

This property specifies whether or not to use Optimal Asymmetric Encryption Padding (OAEP). By default, this value is False and the class will use PKCS1.

To specify nondefault OAEP options, please see OAEPRSAHashAlgorithm, OAEPMGF1HashAlgorithm, and OAEPParams

use_pss Property

This property specifies whether or not RSA-PSS will be used during signing and verification.

Syntax

def get_use_pss() -> bool: ...
def set_use_pss(value: bool) -> None: ...

use_pss = property(get_use_pss, set_use_pss)

Default Value

FALSE

Remarks

This property specifies whether or not RSA-PSS will be used when signing and verifying messages. The default value is False.

user_agent Property

Information about the user agent.

Syntax

def get_user_agent() -> str: ...
def set_user_agent(value: str) -> None: ...

user_agent = property(get_user_agent, set_user_agent)

Default Value

"IPWorks EDI AS2Sender Component - www.nsoftware.com"

Remarks

You may override the default with the name and version of your software.

config Method

Sets or retrieves a configuration setting.

Syntax

def config(configuration_string: str) -> str: ...

Remarks

config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

do_events Method

This method processes events from the internal message queue.

Syntax

def do_events() -> None: ...

Remarks

When do_events is called, the class processes any available events. If no events are available, it waits for a preset period of time, and then returns.

interrupt Method

This method interrupts the current method.

Syntax

def interrupt() -> None: ...

Remarks

If there is no method in progress, interrupt simply returns, doing nothing.

post Method

Post data to the AS2 server, and check the receipt.

Syntax

def post() -> None: ...

Remarks

Post data to the server. The reply will also be checked, and if a synchronous MDN was requested (i.e., mdn_to is not empty), it will be validated. After the method finishes, the mdn_receipt, ReceiptSigningProtocol, and receipt_signer_cert properties will be populated with the appropriate values.

The method operates synchronously, and will throw an exception if any errors or warnings occur. Errors might include a failure to decrypt or authenticate the receipt, the absence of an MDN when one was requested, TCP/IP errors, or any errors reported by the server in the MDN. Warnings might include the return of an unsigned receipt when a signed receipt was requested, or other warnings reported by the server in the MDN.

If an exception is thrown the error code will correspond to the severity of the warning or error, allowing client software to determine whether or not to accept the reply. If multiple errors occur, the exception will return a special error code, and the error message will contain a line for each error's code and description; i.e. "423: Failed to authenticate sender". If the error(s) is/are not fatal processing will not be interrupted, and the relevant properties will be populated as normal.

read_async_receipt Method

Reads an asynchronous MDN receipt from the current HTTP session.

Syntax

def read_async_receipt() -> None: ...

Remarks

read_async_receipt is used to read an asynchronous MDN receipt from the . The class will fetch the request stream from the HTTP session. mdn_receipt will be populated with a new instance of MDNReceipt.

reset Method

Resets the state of the control.

Syntax

def reset() -> None: ...

Remarks

Resets all HTTP headers as well as edi_data, etc. After invoking this method the class may be reused as if it were newly created.

restart Method

Restart sending of the file specified by the Etag property.

Syntax

def restart() -> None: ...

Remarks

This method should be called when using the AS2 restart functionality. When called, the class will process the file and cache the processed contents to the restart_directory. Before sending, the etag property will be populated with a unique etag which identifies the processed file.

If sending is interrupted or fails, this method should be called to restart sending of the previously processed file starting where the interruption occurred. In order to restart from the last transfer, the etag must be populated with the value from the last connection.

NOTE: When using restart functionality, the data is completely processed to the restart_directory before sending begins.

send_cem_request Method

Sends a Certificate Exchange Messaging (CEM) request.

Syntax

def send_cem_request(request_id: str) -> None: ...

Remarks

This method send the Certificate Exchange Messaging (CEM) request with the details specified in cem_details.

Certificate Exchange Messaging (CEM) allows for new certificates to be sent to a recipient and be automatically updated. This removes the requirement to manually send new certificates to a partner via email or other means. When both sides support this functionality updating certificates can be accomplished in a short period of time.

To prepare a CEM request populate the cem_details collection with at least one certificate. For instance if the certificate of the application will be updated soon, the cem_details may be populated with the corresponding public certificate to be sent to your partner. cem_details should only contain public certificates.

Set cem_respond_by_date to the date by which you expect a response. The format is of the XML standard dateTime type expressed in local time with UTC offset. For instance: "2005-08-31T00:21:00-05:00".

Optionally set cem_cert_id to a friendly identifier that the partner may use to help understand the purpose of the new certificate. For instance "New.Encryption.Cert.2014".

Set cem_response_url to the publicly accessible URL where the CEM response will be sent after the partner processes it.

The RequestId parameter uniquely identifies this CEM request and must be saved for use later when receiving the CEM response.

When calling this method the applicable cem_details properties are:

• cem_cert_store_type
• cem_cert_store
• cem_cert_store_password
• cem_cert_subject
• cem_respond_by_date
• cem_response_url
• cem_cert_usage (optional)
• cem_cert_id (optional)

send_cem_response Method

Sends a Certificate Exchange Messaging (CEM) response.

Syntax

def send_cem_response(request_id: str) -> None: ...

Remarks

This method send the Certificate Exchange Messaging (CEM) request with the details specified in cem_details.

A CEM request must have previously been received using AS2Receiver. To send the CEM response, populate cem_details with the certificate information and decide whether to accept or reject the request. The following properties may be set to specify the certificate:

• cem_cert_store_type
• cem_cert_store
• cem_cert_subject

• cem_cert_issuer
• cem_cert_serial_number

After specifying the certificate information choose whether to accept or reject the request. To accept the request set cem_accepted to True. To reject the request set cem_accepted to False and specify a reason in cem_rejection_reason.

Call send_cem_response and pass the CEM request Id that was retrieved from the request.

set_request_header Method

Allows the user to set or add arbitrary HTTP request headers.

Syntax

def set_request_header(header_name: str, header_value: str) -> None: ...

Remarks

HeaderName should contain the header name, and HeaderValue should contain its value. Use this to set headers such as To, Date, etc. Note that a default value for Date will automatically be determined and this method may be used to override the default.

SetRequestHeader may be used to set any header except for the following: AS2-To, AS2-From, AS2-Version, Subject, Message-Id, Disposition-Notification-To, Disposition-Notification-Options, Receipt-Delivery-Option, Host, Content-Length.

set_tp_info Method

A convenient way to set AS2 communication parameters using XML strings.

Syntax

def set_tp_info(profile: str) -> None: ...

Remarks

SetTPInfo offers a convenient way to set AS2 communication parameters using XML strings. The format of the XML is the same as provided by the method GetTPInfo of AS2ProfileMgr.

The "self" information should always precede the partner information as shown below. AS2Sender as2sender = new AS2Sender(); AS2Profilemgr mgr = new AS2Profilemgr(); mgr.DataDir = @"C:\as2data"; as2sender.SetTPInfo(mgr.GetTPInfo("self")); as2sender.SetTPInfo(mgr.GetTPInfo("partnerOrg")); as2sender.EDIFile = @"C:\as2Data.x12"; as2sender.Post();

verify_receipt Method

Verifies an asynchronous MDN receipt.

Syntax

def verify_receipt() -> None: ...

Remarks

VerifyReceipt verifies the receipt in mdn_receipt against original_content_mic, message_id and the preferences specified in mdn_options. The method operates similarly to post: After the method finishes, the mdn_receipt, ReceiptSigningProtocol, and receipt_signer_cert properties will be populated with the appropriate values.

The method operates synchronously, and will throw an exception if any errors or warnings occur. Errors might include a failure to decrypt or authenticate the receipt, the absence of an MDN when one was requested, TCP/IP errors, or any errors reported by the server in the MDN. Warnings might include the return of an unsigned receipt when a signed receipt was requested, or other warnings reported by the server in the MDN.

If an exception is thrown the error code will correspond to the severity of the warning or error, allowing client software to determine whether or not to accept the reply. If multiple errors occur, the exception will return a special error code, and the error message will contain a line for each error's code and description; i.e. "423: Failed to authenticate sender". If the error(s) is/are not fatal processing will not be interrupted, and the relevant properties will be populated as normal.

This method should be used to verify receipts received asynchronously; i.e., not in the HTTP reply to a POST. When posting, asynchronous MDN delivery may be requested by setting mdn_delivery_option.

on_connected Event

Fired immediately after a connection completes (or fails).

Syntax

class AS2SenderConnectedEventParams(object):
  @property
  def status_code() -> int: ...

  @property
  def description() -> str: ...

# In class AS2Sender:
@property
def on_connected() -> Callable[[AS2SenderConnectedEventParams], None]: ...
@on_connected.setter
def on_connected(event_hook: Callable[[AS2SenderConnectedEventParams], None]) -> None: ...

Remarks

If the connection is made normally, StatusCode is 0 and Description is "OK".

If the connection fails, StatusCode has the error code returned by the Transmission Control Protocol (TCP)/IP stack. Description contains a description of this code. The value of StatusCode is equal to the value of the error.

Please refer to the Error Codes section for more information.

on_disconnected Event

Fired when a connection is closed.

Syntax

class AS2SenderDisconnectedEventParams(object):
  @property
  def status_code() -> int: ...

  @property
  def description() -> str: ...

# In class AS2Sender:
@property
def on_disconnected() -> Callable[[AS2SenderDisconnectedEventParams], None]: ...
@on_disconnected.setter
def on_disconnected(event_hook: Callable[[AS2SenderDisconnectedEventParams], None]) -> None: ...

Remarks

If the connection is broken normally, StatusCode is 0 and Description is "OK".

If the connection is broken for any other reason, StatusCode has the error code returned by the Transmission Control Protocol (TCP/IP) subsystem. Description contains a description of this code. The value of StatusCode is equal to the value of the TCP/IP error.

Please refer to the Error Codes section for more information.

on_end_transfer Event

Fired when a document finishes transferring.

Syntax

class AS2SenderEndTransferEventParams(object):
  @property
  def direction() -> int: ...

# In class AS2Sender:
@property
def on_end_transfer() -> Callable[[AS2SenderEndTransferEventParams], None]: ...
@on_end_transfer.setter
def on_end_transfer(event_hook: Callable[[AS2SenderEndTransferEventParams], None]) -> None: ...

Remarks

This event is fired first when the client finishes sending data to the server (in a POST or PUT request) and then when the document text finishes transferring from the server to the local host.

The Direction parameter shows whether the client (0) or the server (1) is sending the data.

on_error Event

Fired when information is available about errors during data delivery.

Syntax

class AS2SenderErrorEventParams(object):
  @property
  def error_code() -> int: ...

  @property
  def description() -> str: ...

# In class AS2Sender:
@property
def on_error() -> Callable[[AS2SenderErrorEventParams], None]: ...
@on_error.setter
def on_error(event_hook: Callable[[AS2SenderErrorEventParams], None]) -> None: ...

Remarks

The on_error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

on_header Event

Fired every time a header line comes in.

Syntax

class AS2SenderHeaderEventParams(object):
  @property
  def field() -> str: ...

  @property
  def value() -> str: ...

# In class AS2Sender:
@property
def on_header() -> Callable[[AS2SenderHeaderEventParams], None]: ...
@on_header.setter
def on_header(event_hook: Callable[[AS2SenderHeaderEventParams], None]) -> None: ...

Remarks

The Field parameter contains the name of the HTTP header (same case as it is delivered). The Value parameter contains the header contents.

If the header line being retrieved is a continuation header line, then the Field parameter contains an empty string.

Note that only the top-level headers will be returned through this event, and that they are available through the reply_headers property.

The Field parameter contains the name of the HTTP header (which is the same as it is delivered). The Value parameter contains the header contents.

If the header line being retrieved is a continuation header line, then the Field parameter contains "" (empty string).

on_log Event

Fired with log information while processing a message.

Syntax

class AS2SenderLogEventParams(object):
  @property
  def log_type() -> str: ...

  @property
  def log_message() -> bytes: ...

# In class AS2Sender:
@property
def on_log() -> Callable[[AS2SenderLogEventParams], None]: ...
@on_log.setter
def on_log(event_hook: Callable[[AS2SenderLogEventParams], None]) -> None: ...

Remarks

This event fires once for each log message generated by the class. The verbosity is controlled by the LogLevel setting.

Log messages available through this event correspond to log files written to log_directory. This event provides a way to obtain log messages without relying on files on disk. This event fires regardless of the value of log_directory (i.e. when log_directory is empty the event will still fire).

The LogMessage event parameter holds the raw log data.

The LogType event parameter indicates the type of log. Possible values are:

on_set_cookie Event

Fired for every cookie set by the server.

Syntax

class AS2SenderSetCookieEventParams(object):
  @property
  def name() -> str: ...

  @property
  def value() -> str: ...

  @property
  def expires() -> str: ...

  @property
  def domain() -> str: ...

  @property
  def path() -> str: ...

  @property
  def secure() -> bool: ...

# In class AS2Sender:
@property
def on_set_cookie() -> Callable[[AS2SenderSetCookieEventParams], None]: ...
@on_set_cookie.setter
def on_set_cookie(event_hook: Callable[[AS2SenderSetCookieEventParams], None]) -> None: ...

Remarks

This event is fired for every Set-Cookie: header received from the HTTP server.

The Name parameter contains the name of the cookie, with the corresponding value supplied in the Value parameter.

The Expires parameter contains an expiration time for the cookie (if provided by the server). The time format used is "Weekday, DD-Mon-YY HH:MM:SS GMT". If the server does not provide an expiration time, the Expires parameter will be an empty string. In this case, the convention is to drop the cookie at the end of the session.

The Domain parameter contains a domain name to limit the cookie to (if provided by the server). If the server does not provide a domain name, the Domain parameter will be an empty string. The convention in this case is to use the server specified in the URL (url_server) as the cookie domain.

The Path parameter contains a path name to limit the cookie to (if provided by the server). If the server does not provide a cookie path, the Path parameter will be an empty string. The convention in this case is to use the path specified in the URL (url_path) as the cookie path.

The Secure parameter specifies whether the cookie is secure. If the value of this parameter is True, the cookie value must be submitted only through a secure (HTTPS) connection.

on_ssl_server_authentication Event

Fired after the server presents its certificate to the client.

Syntax

class AS2SenderSSLServerAuthenticationEventParams(object):
  @property
  def cert_encoded() -> bytes: ...

  @property
  def cert_subject() -> str: ...

  @property
  def cert_issuer() -> str: ...

  @property
  def status() -> str: ...

  @property
  def accept() -> bool: ...
  @accept.setter
  def accept(value) -> None: ...

# In class AS2Sender:
@property
def on_ssl_server_authentication() -> Callable[[AS2SenderSSLServerAuthenticationEventParams], None]: ...
@on_ssl_server_authentication.setter
def on_ssl_server_authentication(event_hook: Callable[[AS2SenderSSLServerAuthenticationEventParams], None]) -> None: ...

Remarks

This event is where the client can decide whether to continue with the connection process or not. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK").

on_ssl_status Event

Fired when secure connection progress messages are available.

Syntax

class AS2SenderSSLStatusEventParams(object):
  @property
  def message() -> str: ...

# In class AS2Sender:
@property
def on_ssl_status() -> Callable[[AS2SenderSSLStatusEventParams], None]: ...
@on_ssl_status.setter
def on_ssl_status(event_hook: Callable[[AS2SenderSSLStatusEventParams], None]) -> None: ...

Remarks

The event is fired for informational and logging purposes only. This event tracks the progress of the connection.

on_start_transfer Event

Fired when a document starts transferring (after the headers).

Syntax

class AS2SenderStartTransferEventParams(object):
  @property
  def direction() -> int: ...

# In class AS2Sender:
@property
def on_start_transfer() -> Callable[[AS2SenderStartTransferEventParams], None]: ...
@on_start_transfer.setter
def on_start_transfer(event_hook: Callable[[AS2SenderStartTransferEventParams], None]) -> None: ...

Remarks

This event is fired first when the client starts sending data to the server (in a POST or PUT request) and then when the document text starts transferring from the server to the local host.

The Direction parameter shows whether the client (0) or the server (1) is sending the data.

on_transfer Event

Fired while a document transfers (delivers document).

Syntax

class AS2SenderTransferEventParams(object):
  @property
  def direction() -> int: ...

  @property
  def bytes_transferred() -> int: ...

  @property
  def percent_done() -> int: ...

  @property
  def text() -> bytes: ...

# In class AS2Sender:
@property
def on_transfer() -> Callable[[AS2SenderTransferEventParams], None]: ...
@on_transfer.setter
def on_transfer(event_hook: Callable[[AS2SenderTransferEventParams], None]) -> None: ...

Remarks

The Text parameter contains the portion of the document text being received. It is empty if data are being posted to the server.

The BytesTransferred parameter contains the number of bytes transferred in this Direction since the beginning of the document text (excluding HTTP response headers).

The Direction parameter shows whether the client (0) or the server (1) is sending the data.

The PercentDone parameter shows the progress of the transfer in the corresponding direction. If PercentDone can not be calculated the value will be -1.

Note: Events are not re-entrant. Performing time-consuming operations within this event will prevent it from firing again in a timely manner and may affect overall performance.

AS2Sender Config Settings

AS2Sender Config Settings

HTTP Config Settings

TCPClient Config Settings

SSL Config Settings

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
... Intermediate Cert ...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
... Root Cert ...
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
... Intermediate Cert ...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
... Root Cert ...
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
... Intermediate Cert...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
... Root Cert...
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

Socket Config Settings

Base Config Settings