SPOP Class
Properties Methods Events Config Settings Errors
The SPOP Class is used to easily retrieve electronic mail from internet post office servers (POP).
Syntax
class ipworkssmime.SPOP
Remarks
The SPOP Class is the S/MIME-enabled equivalent of the IPWorks POP Class. In addition to standard POP functions, the SPOP class can decrypt and verify message signatures. The methods and properties for decrypting and verifying signatures are identical to those provided with the S/MIME Class. When attempting to verify a signed message or when decrypting a message call, the decrypt, verify_signature, or decrypt_and_verify_signature methods and the resulting text will be replaced in message.
The SPOP Class implements a standard internet post office (POP3) client as specified in RFC 1725.
To connect to a mail_server, first set the appropriate user and password and then connect by calling the connect method. Upon successful connection to the mail_server, the number of waiting messages is shown by the message_count property. A message is selected by setting the message_number property to a number between 1 and message_count (inclusive). Then, the message text and headers are received by calling the retrieve method.
The message text is received through the on_transfer event, whereas the message headers are received through the on_header event. Additionally, up to max_lines from the message body are provided in the message_text property. The body of the message is also saved in the file specified by the local_file property. on_start_transfer and on_end_transfer events are fired at the beginning and end of message transmission. The on_pi_trail event provides a trace of the interaction between the client and server (excluding message transfers).
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
auth_mechanism | This property includes the authentication mechanism to be used when connecting to the mail server. |
cert_effective_date | The date on which this certificate becomes valid. |
cert_expiration_date | The date on which the certificate expires. |
cert_extended_key_usage | A comma-delimited list of extended key usage identifiers. |
cert_fingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
cert_fingerprint_sha1 | The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. |
cert_fingerprint_sha256 | The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. |
cert_issuer | The issuer of the certificate. |
cert_private_key | The private key of the certificate (if available). |
cert_private_key_available | Whether a PrivateKey is available for the selected certificate. |
cert_private_key_container | The name of the PrivateKey container for the certificate (if available). |
cert_public_key | The public key of the certificate. |
cert_public_key_algorithm | The textual description of the certificate's public key algorithm. |
cert_public_key_length | The length of the certificate's public key (in bits). |
cert_serial_number | The serial number of the certificate encoded as a string. |
cert_signature_algorithm | The text description of the certificate's signature algorithm. |
cert_store | The name of the certificate store for the client certificate. |
cert_store_password | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
cert_store_type | The type of certificate store for this certificate. |
cert_subject_alt_names | Comma-separated lists of alternative subject names for the certificate. |
cert_thumbprint_md5 | The MD5 hash of the certificate. |
cert_thumbprint_sha1 | The SHA-1 hash of the certificate. |
cert_thumbprint_sha256 | The SHA-256 hash of the certificate. |
cert_usage | The text description of UsageFlags . |
cert_usage_flags | The flags that show intended use for the certificate. |
cert_version | The certificate's version number. |
cert_subject | The subject of the certificate used for client authentication. |
cert_encoded | The certificate (PEM/Base64 encoded). |
connected | Whether the class is connected. |
firewall_auto_detect | Whether to automatically detect and use firewall system settings, if available. |
firewall_type | The type of firewall to connect through. |
firewall_host | The name or IP address of the firewall (optional). |
firewall_password | A password if authentication is to be used when connecting through the firewall. |
firewall_port | The Transmission Control Protocol (TCP) port for the firewall Host . |
firewall_user | A username if authentication is to be used when connecting through a firewall. |
idle | The current status of the class. |
include_headers | This property instructs the class to include the headers in the MessageText and LocalFile. |
last_reply | This property indicates the last reply received from the server. |
local_host | The name of the local host or user-assigned IP interface through which connections are initiated or accepted. |
mail_port | This property includes the server port for POP (default 110). |
mail_server | This property includes the name or address of a mail server (internet post office server). |
max_lines | This property includes the maximum number of message lines other than headers to retrieve. |
message | This property provides the raw message content. |
message_cc | This property includes the value of the CC header of the last retrieved message. |
message_count | This property includes the number of messages in the mailbox. |
message_date | This property includes the value of the date header of the last retrieved message. |
message_from | This property includes the value of the from header of the last retrieved message. |
message_header_count | The number of records in the MessageHeader arrays. |
message_header_field | This property contains the name of the HTTP header (this is the same case as it is delivered). |
message_header_value | This property contains the header contents. |
message_headers_string | This property includes a string representation of the full headers of the message as retrieved from the server. |
message_number | This property includes the current (selected) message. |
message_recipient_count | The number of records in the MessageRecipient arrays. |
message_recipient_address | This property contains the email address of the recipient. |
message_recipient_name | This property contains the name of the recipient. |
message_recipient_options | This property contains the recipient sending options (used only by SMTP). |
message_recipient_type | This property contains the recipient type: To, Cc, or Bcc. |
message_reply_to | This property includes the value of the Reply-To header of the last retrieved message. |
message_subject | This property includes the value of the Subject header of the last retrieved message. |
message_text | This property includes the full text of the message as retrieved from the server. |
message_to | This property includes the value of the To header of the last retrieved message. |
password | This property includes the password for the mailbox user. |
signer_cert_effective_date | The date on which this certificate becomes valid. |
signer_cert_expiration_date | The date on which the certificate expires. |
signer_cert_extended_key_usage | A comma-delimited list of extended key usage identifiers. |
signer_cert_fingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
signer_cert_fingerprint_sha1 | The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. |
signer_cert_fingerprint_sha256 | The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. |
signer_cert_issuer | The issuer of the certificate. |
signer_cert_private_key | The private key of the certificate (if available). |
signer_cert_private_key_available | Whether a PrivateKey is available for the selected certificate. |
signer_cert_private_key_container | The name of the PrivateKey container for the certificate (if available). |
signer_cert_public_key | The public key of the certificate. |
signer_cert_public_key_algorithm | The textual description of the certificate's public key algorithm. |
signer_cert_public_key_length | The length of the certificate's public key (in bits). |
signer_cert_serial_number | The serial number of the certificate encoded as a string. |
signer_cert_signature_algorithm | The text description of the certificate's signature algorithm. |
signer_cert_store | The name of the certificate store for the client certificate. |
signer_cert_store_password | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
signer_cert_store_type | The type of certificate store for this certificate. |
signer_cert_subject_alt_names | Comma-separated lists of alternative subject names for the certificate. |
signer_cert_thumbprint_md5 | The MD5 hash of the certificate. |
signer_cert_thumbprint_sha1 | The SHA-1 hash of the certificate. |
signer_cert_thumbprint_sha256 | The SHA-256 hash of the certificate. |
signer_cert_usage | The text description of UsageFlags . |
signer_cert_usage_flags | The flags that show intended use for the certificate. |
signer_cert_version | The certificate's version number. |
signer_cert_subject | The subject of the certificate used for client authentication. |
signer_cert_encoded | The certificate (PEM/Base64 encoded). |
signer_cert_chain_count | The number of records in the SignerCertChain arrays. |
signer_cert_chain_effective_date | The date on which this certificate becomes valid. |
signer_cert_chain_expiration_date | The date on which the certificate expires. |
signer_cert_chain_extended_key_usage | A comma-delimited list of extended key usage identifiers. |
signer_cert_chain_fingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
signer_cert_chain_fingerprint_sha1 | The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. |
signer_cert_chain_fingerprint_sha256 | The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. |
signer_cert_chain_issuer | The issuer of the certificate. |
signer_cert_chain_private_key | The private key of the certificate (if available). |
signer_cert_chain_private_key_available | Whether a PrivateKey is available for the selected certificate. |
signer_cert_chain_private_key_container | The name of the PrivateKey container for the certificate (if available). |
signer_cert_chain_public_key | The public key of the certificate. |
signer_cert_chain_public_key_algorithm | The textual description of the certificate's public key algorithm. |
signer_cert_chain_public_key_length | The length of the certificate's public key (in bits). |
signer_cert_chain_serial_number | The serial number of the certificate encoded as a string. |
signer_cert_chain_signature_algorithm | The text description of the certificate's signature algorithm. |
signer_cert_chain_store | The name of the certificate store for the client certificate. |
signer_cert_chain_store_password | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
signer_cert_chain_store_type | The type of certificate store for this certificate. |
signer_cert_chain_subject_alt_names | Comma-separated lists of alternative subject names for the certificate. |
signer_cert_chain_thumbprint_md5 | The MD5 hash of the certificate. |
signer_cert_chain_thumbprint_sha1 | The SHA-1 hash of the certificate. |
signer_cert_chain_thumbprint_sha256 | The SHA-256 hash of the certificate. |
signer_cert_chain_usage | The text description of UsageFlags . |
signer_cert_chain_usage_flags | The flags that show intended use for the certificate. |
signer_cert_chain_version | The certificate's version number. |
signer_cert_chain_subject | The subject of the certificate used for client authentication. |
signer_cert_chain_encoded | The certificate (PEM/Base64 encoded). |
signing_algorithm | This property includes a textual description of the signature hash algorithm. |
ssl_accept_server_cert_effective_date | The date on which this certificate becomes valid. |
ssl_accept_server_cert_expiration_date | The date on which the certificate expires. |
ssl_accept_server_cert_extended_key_usage | A comma-delimited list of extended key usage identifiers. |
ssl_accept_server_cert_fingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
ssl_accept_server_cert_fingerprint_sha1 | The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. |
ssl_accept_server_cert_fingerprint_sha256 | The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. |
ssl_accept_server_cert_issuer | The issuer of the certificate. |
ssl_accept_server_cert_private_key | The private key of the certificate (if available). |
ssl_accept_server_cert_private_key_available | Whether a PrivateKey is available for the selected certificate. |
ssl_accept_server_cert_private_key_container | The name of the PrivateKey container for the certificate (if available). |
ssl_accept_server_cert_public_key | The public key of the certificate. |
ssl_accept_server_cert_public_key_algorithm | The textual description of the certificate's public key algorithm. |
ssl_accept_server_cert_public_key_length | The length of the certificate's public key (in bits). |
ssl_accept_server_cert_serial_number | The serial number of the certificate encoded as a string. |
ssl_accept_server_cert_signature_algorithm | The text description of the certificate's signature algorithm. |
ssl_accept_server_cert_store | The name of the certificate store for the client certificate. |
ssl_accept_server_cert_store_password | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
ssl_accept_server_cert_store_type | The type of certificate store for this certificate. |
ssl_accept_server_cert_subject_alt_names | Comma-separated lists of alternative subject names for the certificate. |
ssl_accept_server_cert_thumbprint_md5 | The MD5 hash of the certificate. |
ssl_accept_server_cert_thumbprint_sha1 | The SHA-1 hash of the certificate. |
ssl_accept_server_cert_thumbprint_sha256 | The SHA-256 hash of the certificate. |
ssl_accept_server_cert_usage | The text description of UsageFlags . |
ssl_accept_server_cert_usage_flags | The flags that show intended use for the certificate. |
ssl_accept_server_cert_version | The certificate's version number. |
ssl_accept_server_cert_subject | The subject of the certificate used for client authentication. |
ssl_accept_server_cert_encoded | The certificate (PEM/Base64 encoded). |
ssl_cert_effective_date | The date on which this certificate becomes valid. |
ssl_cert_expiration_date | The date on which the certificate expires. |
ssl_cert_extended_key_usage | A comma-delimited list of extended key usage identifiers. |
ssl_cert_fingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
ssl_cert_fingerprint_sha1 | The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. |
ssl_cert_fingerprint_sha256 | The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. |
ssl_cert_issuer | The issuer of the certificate. |
ssl_cert_private_key | The private key of the certificate (if available). |
ssl_cert_private_key_available | Whether a PrivateKey is available for the selected certificate. |
ssl_cert_private_key_container | The name of the PrivateKey container for the certificate (if available). |
ssl_cert_public_key | The public key of the certificate. |
ssl_cert_public_key_algorithm | The textual description of the certificate's public key algorithm. |
ssl_cert_public_key_length | The length of the certificate's public key (in bits). |
ssl_cert_serial_number | The serial number of the certificate encoded as a string. |
ssl_cert_signature_algorithm | The text description of the certificate's signature algorithm. |
ssl_cert_store | The name of the certificate store for the client certificate. |
ssl_cert_store_password | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
ssl_cert_store_type | The type of certificate store for this certificate. |
ssl_cert_subject_alt_names | Comma-separated lists of alternative subject names for the certificate. |
ssl_cert_thumbprint_md5 | The MD5 hash of the certificate. |
ssl_cert_thumbprint_sha1 | The SHA-1 hash of the certificate. |
ssl_cert_thumbprint_sha256 | The SHA-256 hash of the certificate. |
ssl_cert_usage | The text description of UsageFlags . |
ssl_cert_usage_flags | The flags that show intended use for the certificate. |
ssl_cert_version | The certificate's version number. |
ssl_cert_subject | The subject of the certificate used for client authentication. |
ssl_cert_encoded | The certificate (PEM/Base64 encoded). |
ssl_enabled | This property indicates whether Transport Layer Security/Secure Sockets Layer (TLS/SSL) is enabled. |
ssl_provider | The Secure Sockets Layer/Transport Layer Security (SSL/TLS) implementation to use. |
ssl_server_cert_effective_date | The date on which this certificate becomes valid. |
ssl_server_cert_expiration_date | The date on which the certificate expires. |
ssl_server_cert_extended_key_usage | A comma-delimited list of extended key usage identifiers. |
ssl_server_cert_fingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
ssl_server_cert_fingerprint_sha1 | The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. |
ssl_server_cert_fingerprint_sha256 | The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. |
ssl_server_cert_issuer | The issuer of the certificate. |
ssl_server_cert_private_key | The private key of the certificate (if available). |
ssl_server_cert_private_key_available | Whether a PrivateKey is available for the selected certificate. |
ssl_server_cert_private_key_container | The name of the PrivateKey container for the certificate (if available). |
ssl_server_cert_public_key | The public key of the certificate. |
ssl_server_cert_public_key_algorithm | The textual description of the certificate's public key algorithm. |
ssl_server_cert_public_key_length | The length of the certificate's public key (in bits). |
ssl_server_cert_serial_number | The serial number of the certificate encoded as a string. |
ssl_server_cert_signature_algorithm | The text description of the certificate's signature algorithm. |
ssl_server_cert_store | The name of the certificate store for the client certificate. |
ssl_server_cert_store_password | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
ssl_server_cert_store_type | The type of certificate store for this certificate. |
ssl_server_cert_subject_alt_names | Comma-separated lists of alternative subject names for the certificate. |
ssl_server_cert_thumbprint_md5 | The MD5 hash of the certificate. |
ssl_server_cert_thumbprint_sha1 | The SHA-1 hash of the certificate. |
ssl_server_cert_thumbprint_sha256 | The SHA-256 hash of the certificate. |
ssl_server_cert_usage | The text description of UsageFlags . |
ssl_server_cert_usage_flags | The flags that show intended use for the certificate. |
ssl_server_cert_version | The certificate's version number. |
ssl_server_cert_subject | The subject of the certificate used for client authentication. |
ssl_server_cert_encoded | The certificate (PEM/Base64 encoded). |
ssl_start_mode | This property determines how the class starts the Secure Sockets Layer (SSL) negotiation. |
timeout | The timeout for the class. |
user | This property includes the user identifier for the mailbox. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
check_message_encrypted | This method checks whether or not the current message is encrypted. |
check_message_signed | This method checks whether or not the current message is signed. |
config | Sets or retrieves a configuration setting. |
connect | This method connects to the mail server and attempts to log in. |
decrypt | This method decrypts the current Message . |
decrypt_and_verify_signature | This method decrypts and verifies the signature of the current message. |
delete | This method deletes a message specified by MessageNumber on the server. |
disconnect | This method disconnects from the mail server. |
do_events | This method processes events from the internal message queue. |
interrupt | This method interrupts the current method. |
list_message_sizes | This method retrieves a list of all message sizes from the server. |
list_message_ui_ds | This method retrieves a list of all message UIDs from the server. |
localize_date | This method converts a valid RFC 822 message date to a local date and time. |
query_message_size | This method returns the size in bytes of the current message. |
query_message_uid | This method returns the unique identifier (UID) of the message as specified by the server. |
query_total_size | This method returns the cumulative size in bytes of messages in the mailbox (including headers). |
reset | This method resets all changes and revert back to the state when the user first connected. |
retrieve | This method retrieves a message specified by MessageNumber from the server. |
retrieve_headers | This method retrieves headers for a message specified by MessageNumber . |
send_command | This method sends the exact command directly to the server. |
verify_signature | This method verifies the signature of the current message. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
on_connection_status | Fired to indicate changes in the connection state. |
on_end_transfer | This event is fired when the message completes transferring. |
on_error | Fired when information is available about errors during data delivery. |
on_header | This event is fired for every message header being retrieved. |
on_message_list | This event is fired for every message listed by ListMessageSizes and/or ListMessageUIDs . |
on_pi_trail | This event traces the commands sent to the mail server, and the respective replies. |
on_ssl_server_authentication | Fired after the server presents its certificate to the client. |
on_ssl_status | Fired when secure connection progress messages are available. |
on_start_transfer | This event is fired when the message starts transferring. |
on_transfer | This event is fired when the message is transferred from MailServer . |
Config Settings
The following is a list of config settings for the class with short descriptions. Click on the links for further details.
AuthorizationIdentity | The value to use as the authorization identity when SASL authentication is used. |
AutoDecodeSubject | Instructs the class to automatically decode message subjects. |
GetMessageSize | Whether to poll the server for the message size prior to retrieving it. |
MaxLineLength | The maximum expected length for message lines. |
ConnectionTimeout | Sets a separate timeout value for establishing a connection. |
FirewallAutoDetect | Tells the class whether or not to automatically detect and use firewall system settings, if available. |
FirewallHost | Name or IP address of firewall (optional). |
FirewallPassword | Password to be used if authentication is to be used when connecting through the firewall. |
FirewallPort | The TCP port for the FirewallHost;. |
FirewallType | Determines the type of firewall to connect through. |
FirewallUser | A user name if authentication is to be used connecting through a firewall. |
KeepAliveInterval | The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received. |
KeepAliveTime | The inactivity time in milliseconds before a TCP keep-alive packet is sent. |
Linger | When set to True, connections are terminated gracefully. |
LingerTime | Time in seconds to have the connection linger. |
LocalHost | The name of the local host through which connections are initiated or accepted. |
LocalPort | The port in the local host where the class binds. |
MaxLineLength | The maximum amount of data to accumulate when no EOL is found. |
MaxTransferRate | The transfer rate limit in bytes per second. |
ProxyExceptionsList | A semicolon separated list of hosts and IPs to bypass when using a proxy. |
TCPKeepAlive | Determines whether or not the keep alive socket option is enabled. |
TcpNoDelay | Whether or not to delay when sending packets. |
UseIPv6 | Whether to use IPv6. |
LogSSLPackets | Controls whether SSL packets are logged when using the internal security API. |
OpenSSLCADir | The path to a directory containing CA certificates. |
OpenSSLCAFile | Name of the file containing the list of CA's trusted by your application. |
OpenSSLCipherList | A string that controls the ciphers to be used by SSL. |
OpenSSLPrngSeedData | The data to seed the pseudo random number generator (PRNG). |
ReuseSSLSession | Determines if the SSL session is reused. |
SSLCACertFilePaths | The paths to CA certificate files on Unix/Linux. |
SSLCACerts | A newline separated list of CA certificates to be included when performing an SSL handshake. |
SSLCheckCRL | Whether to check the Certificate Revocation List for the server certificate. |
SSLCheckOCSP | Whether to use OCSP to check the status of the server certificate. |
SSLCipherStrength | The minimum cipher strength used for bulk encryption. |
SSLClientCACerts | A newline separated list of CA certificates to use during SSL client certificate validation. |
SSLEnabledCipherSuites | The cipher suite to be used in an SSL negotiation. |
SSLEnabledProtocols | Used to enable/disable the supported security protocols. |
SSLEnableRenegotiation | Whether the renegotiation_info SSL extension is supported. |
SSLIncludeCertChain | Whether the entire certificate chain is included in the SSLServerAuthentication event. |
SSLKeyLogFile | The location of a file where per-session secrets are written for debugging purposes. |
SSLNegotiatedCipher | Returns the negotiated cipher suite. |
SSLNegotiatedCipherStrength | Returns the negotiated cipher suite strength. |
SSLNegotiatedCipherSuite | Returns the negotiated cipher suite. |
SSLNegotiatedKeyExchange | Returns the negotiated key exchange algorithm. |
SSLNegotiatedKeyExchangeStrength | Returns the negotiated key exchange algorithm strength. |
SSLNegotiatedVersion | Returns the negotiated protocol version. |
SSLSecurityFlags | Flags that control certificate verification. |
SSLServerCACerts | A newline separated list of CA certificates to use during SSL server certificate validation. |
TLS12SignatureAlgorithms | Defines the allowed TLS 1.2 signature algorithms when SSLProvider is set to Internal. |
TLS12SupportedGroups | The supported groups for ECC. |
TLS13KeyShareGroups | The groups for which to pregenerate key shares. |
TLS13SignatureAlgorithms | The allowed certificate signature algorithms. |
TLS13SupportedGroups | The supported groups for (EC)DHE key exchange. |
AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
FirewallData | Used to send extra data to the firewall. |
InBufferSize | The size in bytes of the incoming queue of the socket. |
OutBufferSize | The size in bytes of the outgoing queue of the socket. |
BuildInfo | Information about the product's build. |
CodePage | The system code page used for Unicode to Multibyte translations. |
LicenseInfo | Information about the current license. |
MaskSensitiveData | Whether sensitive data is masked in log messages. |
ProcessIdleEvents | Whether the class uses its internal event loop to process events when the main thread is idle. |
SelectWaitMillis | The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process. |
UseInternalSecurityAPI | Whether or not to use the system security libraries or an internal implementation. |
auth_mechanism Property
This property includes the authentication mechanism to be used when connecting to the mail server.
Syntax
def get_auth_mechanism() -> int: ... def set_auth_mechanism(value: int) -> None: ...
auth_mechanism = property(get_auth_mechanism, set_auth_mechanism)
Default Value
0
Remarks
This property is used as the authentication mechanism when connecting to the mail server. By default, this property is amUserPassword (0), and default plaintext authentication is used to log in to the server. Other, more secure, options include amCRAMMD5 (1) for CRAM-MD5, amNTLM (2) for NTLM authentication, amAPOP (3) for APOP authentication, and amSASLDigestMD5 (5) for SASL DIGEST-MD5 authentication.
amSASLPlain (4) is also available, but most servers require a Secure Sockets Layer (SSL) connection when utilizing this authentication mechanism.
amKerberos (6) is for Kerberos authentication. Note: This functionality is available only in Windows.
cert_effective_date Property
The date on which this certificate becomes valid.
Syntax
def get_cert_effective_date() -> str: ...
cert_effective_date = property(get_cert_effective_date, None)
Default Value
""
Remarks
The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2000 15:00:00.
This property is read-only.
cert_expiration_date Property
The date on which the certificate expires.
Syntax
def get_cert_expiration_date() -> str: ...
cert_expiration_date = property(get_cert_expiration_date, None)
Default Value
""
Remarks
The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2001 15:00:00.
This property is read-only.
cert_extended_key_usage Property
A comma-delimited list of extended key usage identifiers.
Syntax
def get_cert_extended_key_usage() -> str: ...
cert_extended_key_usage = property(get_cert_extended_key_usage, None)
Default Value
""
Remarks
A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).
This property is read-only.
cert_fingerprint Property
The hex-encoded, 16-byte MD5 fingerprint of the certificate.
Syntax
def get_cert_fingerprint() -> str: ...
cert_fingerprint = property(get_cert_fingerprint, None)
Default Value
""
Remarks
The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02
This property is read-only.
cert_fingerprint_sha1 Property
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.
Syntax
def get_cert_fingerprint_sha1() -> str: ...
cert_fingerprint_sha1 = property(get_cert_fingerprint_sha1, None)
Default Value
""
Remarks
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84
This property is read-only.
cert_fingerprint_sha256 Property
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.
Syntax
def get_cert_fingerprint_sha256() -> str: ...
cert_fingerprint_sha256 = property(get_cert_fingerprint_sha256, None)
Default Value
""
Remarks
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53
This property is read-only.
cert_issuer Property
The issuer of the certificate.
Syntax
def get_cert_issuer() -> str: ...
cert_issuer = property(get_cert_issuer, None)
Default Value
""
Remarks
The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.
This property is read-only.
cert_private_key Property
The private key of the certificate (if available).
Syntax
def get_cert_private_key() -> str: ...
cert_private_key = property(get_cert_private_key, None)
Default Value
""
Remarks
The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.
Note: The cert_private_key may be available but not exportable. In this case, cert_private_key returns an empty string.
This property is read-only.
cert_private_key_available Property
Whether a PrivateKey is available for the selected certificate.
Syntax
def get_cert_private_key_available() -> bool: ...
cert_private_key_available = property(get_cert_private_key_available, None)
Default Value
FALSE
Remarks
Whether a cert_private_key is available for the selected certificate. If cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).
This property is read-only.
cert_private_key_container Property
The name of the PrivateKey container for the certificate (if available).
Syntax
def get_cert_private_key_container() -> str: ...
cert_private_key_container = property(get_cert_private_key_container, None)
Default Value
""
Remarks
The name of the cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.
This property is read-only.
cert_public_key Property
The public key of the certificate.
Syntax
def get_cert_public_key() -> str: ...
cert_public_key = property(get_cert_public_key, None)
Default Value
""
Remarks
The public key of the certificate. The key is provided as PEM/Base64-encoded data.
This property is read-only.
cert_public_key_algorithm Property
The textual description of the certificate's public key algorithm.
Syntax
def get_cert_public_key_algorithm() -> str: ...
cert_public_key_algorithm = property(get_cert_public_key_algorithm, None)
Default Value
""
Remarks
The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.
This property is read-only.
cert_public_key_length Property
The length of the certificate's public key (in bits).
Syntax
def get_cert_public_key_length() -> int: ...
cert_public_key_length = property(get_cert_public_key_length, None)
Default Value
0
Remarks
The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.
This property is read-only.
cert_serial_number Property
The serial number of the certificate encoded as a string.
Syntax
def get_cert_serial_number() -> str: ...
cert_serial_number = property(get_cert_serial_number, None)
Default Value
""
Remarks
The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.
This property is read-only.
cert_signature_algorithm Property
The text description of the certificate's signature algorithm.
Syntax
def get_cert_signature_algorithm() -> str: ...
cert_signature_algorithm = property(get_cert_signature_algorithm, None)
Default Value
""
Remarks
The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.
This property is read-only.
cert_store Property
The name of the certificate store for the client certificate.
Syntax
def get_cert_store() -> bytes: ... def set_cert_store(value: bytes) -> None: ...
cert_store = property(get_cert_store, set_cert_store)
Default Value
"MY"
Remarks
The name of the certificate store for the client certificate.
The cert_store_type property denotes the type of the certificate store specified by cert_store. If the store is password-protected, specify the password in cert_store_password.
cert_store is used in conjunction with the cert_subject property to specify client certificates. If cert_store has a value, and cert_subject or cert_encoded is set, a search for a certificate is initiated. Please see the cert_subject property for details.
Designations of certificate stores are platform dependent.
The following designations are the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).
cert_store_password Property
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
def get_cert_store_password() -> str: ... def set_cert_store_password(value: str) -> None: ...
cert_store_password = property(get_cert_store_password, set_cert_store_password)
Default Value
""
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
cert_store_type Property
The type of certificate store for this certificate.
Syntax
def get_cert_store_type() -> int: ... def set_cert_store_type(value: int) -> None: ...
cert_store_type = property(get_cert_store_type, set_cert_store_type)
Default Value
0
Remarks
The type of certificate store for this certificate.
The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user.
Note: This store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store.
Note: This store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS#12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates.
Note: This store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format.
Note: This store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS#7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS#7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store).
Note: This store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format.
Note: This store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS#11 interface.
To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to cstPKCS11, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the cert_store and set cert_store_password to the PIN. Code Example. SSH Authentication with Security Key:
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
cert_subject_alt_names Property
Comma-separated lists of alternative subject names for the certificate.
Syntax
def get_cert_subject_alt_names() -> str: ...
cert_subject_alt_names = property(get_cert_subject_alt_names, None)
Default Value
""
Remarks
Comma-separated lists of alternative subject names for the certificate.
This property is read-only.
cert_thumbprint_md5 Property
The MD5 hash of the certificate.
Syntax
def get_cert_thumbprint_md5() -> str: ...
cert_thumbprint_md5 = property(get_cert_thumbprint_md5, None)
Default Value
""
Remarks
The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
cert_thumbprint_sha1 Property
The SHA-1 hash of the certificate.
Syntax
def get_cert_thumbprint_sha1() -> str: ...
cert_thumbprint_sha1 = property(get_cert_thumbprint_sha1, None)
Default Value
""
Remarks
The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
cert_thumbprint_sha256 Property
The SHA-256 hash of the certificate.
Syntax
def get_cert_thumbprint_sha256() -> str: ...
cert_thumbprint_sha256 = property(get_cert_thumbprint_sha256, None)
Default Value
""
Remarks
The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
cert_usage Property
The text description of UsageFlags .
Syntax
def get_cert_usage() -> str: ...
cert_usage = property(get_cert_usage, None)
Default Value
""
Remarks
The text description of cert_usage_flags.
This value will be one or more of the following strings and will be separated by commas:
- Digital Signature
- Non-Repudiation
- Key Encipherment
- Data Encipherment
- Key Agreement
- Certificate Signing
- CRL Signing
- Encipher Only
If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.
This property is read-only.
cert_usage_flags Property
The flags that show intended use for the certificate.
Syntax
def get_cert_usage_flags() -> int: ...
cert_usage_flags = property(get_cert_usage_flags, None)
Default Value
0
Remarks
The flags that show intended use for the certificate. The value of cert_usage_flags is a combination of the following flags:
0x80 | Digital Signature |
0x40 | Non-Repudiation |
0x20 | Key Encipherment |
0x10 | Data Encipherment |
0x08 | Key Agreement |
0x04 | Certificate Signing |
0x02 | CRL Signing |
0x01 | Encipher Only |
Please see the cert_usage property for a text representation of cert_usage_flags.
This functionality currently is not available when the provider is OpenSSL.
This property is read-only.
cert_version Property
The certificate's version number.
Syntax
def get_cert_version() -> str: ...
cert_version = property(get_cert_version, None)
Default Value
""
Remarks
The certificate's version number. The possible values are the strings "V1", "V2", and "V3".
This property is read-only.
cert_subject Property
The subject of the certificate used for client authentication.
Syntax
def get_cert_subject() -> str: ... def set_cert_subject(value: str) -> None: ...
cert_subject = property(get_cert_subject, set_cert_subject)
Default Value
""
Remarks
The subject of the certificate used for client authentication.
This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:
Field | Meaning |
CN | Common Name. This is commonly a hostname like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
cert_encoded Property
The certificate (PEM/Base64 encoded).
Syntax
def get_cert_encoded() -> bytes: ... def set_cert_encoded(value: bytes) -> None: ...
cert_encoded = property(get_cert_encoded, set_cert_encoded)
Default Value
""
Remarks
The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The cert_store and cert_subject properties also may be used to specify a certificate.
When cert_encoded is set, a search is initiated in the current cert_store for the private key of the certificate. If the key is found, cert_subject is updated to reflect the full subject of the selected certificate; otherwise, cert_subject is set to an empty string.
connected Property
Whether the class is connected.
Syntax
def get_connected() -> bool: ...
connected = property(get_connected, None)
Default Value
FALSE
Remarks
This property is used to determine whether or not the class is connected to the remote host. Use the connect and disconnect methods to manage the connection.
This property is read-only.
firewall_auto_detect Property
Whether to automatically detect and use firewall system settings, if available.
Syntax
def get_firewall_auto_detect() -> bool: ... def set_firewall_auto_detect(value: bool) -> None: ...
firewall_auto_detect = property(get_firewall_auto_detect, set_firewall_auto_detect)
Default Value
FALSE
Remarks
Whether to automatically detect and use firewall system settings, if available.
firewall_type Property
The type of firewall to connect through.
Syntax
def get_firewall_type() -> int: ... def set_firewall_type(value: int) -> None: ...
firewall_type = property(get_firewall_type, set_firewall_type)
Default Value
0
Remarks
The type of firewall to connect through. The applicable values are as follows:
fwNone (0) | No firewall (default setting). |
fwTunnel (1) | Connect through a tunneling proxy. firewall_port is set to 80. |
fwSOCKS4 (2) | Connect through a SOCKS4 Proxy. firewall_port is set to 1080. |
fwSOCKS5 (3) | Connect through a SOCKS5 Proxy. firewall_port is set to 1080. |
fwSOCKS4A (10) | Connect through a SOCKS4A Proxy. firewall_port is set to 1080. |
firewall_host Property
The name or IP address of the firewall (optional).
Syntax
def get_firewall_host() -> str: ... def set_firewall_host(value: str) -> None: ...
firewall_host = property(get_firewall_host, set_firewall_host)
Default Value
""
Remarks
The name or IP address of the firewall (optional). If a firewall_host is given, the requested connections will be authenticated through the specified firewall when connecting.
If this property is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this property is set to the corresponding address. If the search is not successful, the class fails with an error.
firewall_password Property
A password if authentication is to be used when connecting through the firewall.
Syntax
def get_firewall_password() -> str: ... def set_firewall_password(value: str) -> None: ...
firewall_password = property(get_firewall_password, set_firewall_password)
Default Value
""
Remarks
A password if authentication is to be used when connecting through the firewall. If firewall_host is specified, the firewall_user and firewall_password properties are used to connect and authenticate to the given firewall. If the authentication fails, the class fails with an error.
firewall_port Property
The Transmission Control Protocol (TCP) port for the firewall Host .
Syntax
def get_firewall_port() -> int: ... def set_firewall_port(value: int) -> None: ...
firewall_port = property(get_firewall_port, set_firewall_port)
Default Value
0
Remarks
The Transmission Control Protocol (TCP) port for the firewall firewall_host. See the description of the firewall_host property for details.
Note: This property is set automatically when firewall_type is set to a valid value. See the description of the firewall_type property for details.
firewall_user Property
A username if authentication is to be used when connecting through a firewall.
Syntax
def get_firewall_user() -> str: ... def set_firewall_user(value: str) -> None: ...
firewall_user = property(get_firewall_user, set_firewall_user)
Default Value
""
Remarks
A username if authentication is to be used when connecting through a firewall. If firewall_host is specified, this property and the firewall_password property are used to connect and authenticate to the given Firewall. If the authentication fails, the class fails with an error.
idle Property
The current status of the class.
Syntax
def get_idle() -> bool: ...
idle = property(get_idle, None)
Default Value
TRUE
Remarks
This property will be False if the component is currently busy (communicating or waiting for an answer), and True at all other times.
This property is read-only.
include_headers Property
This property instructs the class to include the headers in the MessageText and LocalFile.
Syntax
def get_include_headers() -> bool: ... def set_include_headers(value: bool) -> None: ...
include_headers = property(get_include_headers, set_include_headers)
Default Value
FALSE
Remarks
This property instructs the component to include the headers in the MessageText and LocalFile. If set to True, the headers for the message being retrieved will be placed before the message body in the message_text property;. If local_file is set, then the headers will be written to that file before the message body. In this manner, the whole content of a MIME-encoded message can be passed to the MIME class for further message processing.
last_reply Property
This property indicates the last reply received from the server.
Syntax
def get_last_reply() -> str: ...
last_reply = property(get_last_reply, None)
Default Value
""
Remarks
This property indicates the last reply received from the server. It can be used for informational purposes. The same information and more also can be retrieved through the on_pi_trail event.
This property is read-only.
local_host Property
The name of the local host or user-assigned IP interface through which connections are initiated or accepted.
Syntax
def get_local_host() -> str: ... def set_local_host(value: str) -> None: ...
local_host = property(get_local_host, set_local_host)
Default Value
""
Remarks
This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.
In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.
If the class is connected, the local_host property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).
Note: local_host is not persistent. You must always set it in code, and never in the property window.
mail_port Property
This property includes the server port for POP (default 110).
Syntax
def get_mail_port() -> int: ... def set_mail_port(value: int) -> None: ...
mail_port = property(get_mail_port, set_mail_port)
Default Value
110
Remarks
This property contains the server port for POP (default 110). A valid port number (a value between 1 and 65535) is required for the connection to take place. The property must be set before a connection is attempted and cannot be changed once a connection is established. Any attempt to change this property while connected will fail with an error.
For implicit Secure Sockets Layer (SSL), use port 995 (please refer to the ssl_start_mode property for more information).
mail_server Property
This property includes the name or address of a mail server (internet post office server).
Syntax
def get_mail_server() -> str: ... def set_mail_server(value: str) -> None: ...
mail_server = property(get_mail_server, set_mail_server)
Default Value
""
Remarks
This property specifies the IP address (IP number in dotted internet format) or the domain name of the mail server. It is set before a connection is attempted and cannot be changed once a connection is in progress.
If this property is set to a domain name, a DNS request is initiated. Upon successful termination of the request, this property is set to the corresponding address. If the search is not successful, the class fails with an error.
If the class is configured to use a SOCKS firewall, the value assigned to this property may be preceded with an "*". If this is the case, the host name is passed to the firewall unresolved and the firewall performs the DNS resolution.
max_lines Property
This property includes the maximum number of message lines other than headers to retrieve.
Syntax
def get_max_lines() -> int: ... def set_max_lines(value: int) -> None: ...
max_lines = property(get_max_lines, set_max_lines)
Default Value
0
Remarks
This property is used to limit the number of text lines other than headers retrieved for messages. It can be used to preview message headers and a portion of their contents, without incurring the overhead of downloading the entire message.
The default value of the property is 0. In this case, the entire message will be retrieved, without interruptions. Note: If you are not retrieving the entire message (max_lines is nonzero), no data will be written to local_file.
message Property
This property provides the raw message content.
Syntax
def get_message() -> bytes: ...
message = property(get_message, None)
Default Value
""
Remarks
This property is populated after calling retrieve and holds the raw message content. This can be used to access the data before any processing is done by the class.
This property is read-only.
message_cc Property
This property includes the value of the CC header of the last retrieved message.
Syntax
def get_message_cc() -> str: ...
message_cc = property(get_message_cc, None)
Default Value
""
Remarks
This property contains the value of the CC header of the last retrieved message. The same information also may be retrieved through the on_header event.
This property is read-only.
message_count Property
This property includes the number of messages in the mailbox.
Syntax
def get_message_count() -> int: ...
message_count = property(get_message_count, None)
Default Value
0
Remarks
This property contains the number of messages in the mailbox. When the class is not connected to the server, the value of this property is 0. When connected, it contains the number of messages in the mailbox as reported by the POP server.
This property is read-only.
message_date Property
This property includes the value of the date header of the last retrieved message.
Syntax
def get_message_date() -> str: ...
message_date = property(get_message_date, None)
Default Value
""
Remarks
This property contains the value of the date header of the last retrieved message. The same information also may be retrieved through the on_header event.
This property is read-only.
message_from Property
This property includes the value of the from header of the last retrieved message.
Syntax
def get_message_from() -> str: ...
message_from = property(get_message_from, None)
Default Value
""
Remarks
This property contains the value of the from header of the last retrieved message. The same information also may be retrieved through the on_header event.
This property is read-only.
message_header_count Property
The number of records in the MessageHeader arrays.
Syntax
def get_message_header_count() -> int: ...
message_header_count = property(get_message_header_count, None)
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at message_header_count - 1.This property is read-only.
message_header_field Property
This property contains the name of the HTTP header (this is the same case as it is delivered).
Syntax
def get_message_header_field(message_header_index: int) -> str: ...
Default Value
""
Remarks
This property contains the name of the HTTP Header (this is the same case as it is delivered).
The message_header_index parameter specifies the index of the item in the array. The size of the array is controlled by the message_header_count property.
This property is read-only.
message_header_value Property
This property contains the header contents.
Syntax
def get_message_header_value(message_header_index: int) -> str: ...
Default Value
""
Remarks
This property contains the Header contents.
The message_header_index parameter specifies the index of the item in the array. The size of the array is controlled by the message_header_count property.
This property is read-only.
message_headers_string Property
This property includes a string representation of the full headers of the message as retrieved from the server.
Syntax
def get_message_headers_string() -> str: ...
message_headers_string = property(get_message_headers_string, None)
Default Value
""
Remarks
This property contains a string representation of the full headers of the message as retrieved from the server. If the class is not connected, or message_number does not contain a valid message number, the value of this property is an empty string. Otherwise, it contains the full headers of the mail message as reported by the server.
The mail_server is asked about the headers of the message only if the message_number property has changed. If message_number has not changed, the class returns a cached value.
Example. Connect and Retrieve Messages:
POPControl.MailServer = "MyPOPServer"
POPControl.User = "username"
POPControl.Password = "password"
POPControl.Connect()
POPControl.MessageNumber = 1
MessageText = POPControl.MessageText
MessageHeadersString = POPControl.MessageHeadersString
This property is read-only.
message_number Property
This property includes the current (selected) message.
Syntax
def get_message_number() -> int: ... def set_message_number(value: int) -> None: ...
message_number = property(get_message_number, set_message_number)
Default Value
1
Remarks
This property indicates the current (selected) message. This property specifies a message number in between 1 and message_count. The various class methods related to single messages use this property as a message pointer (see method descriptions and the query_message_size method).
message_recipient_count Property
The number of records in the MessageRecipient arrays.
Syntax
def get_message_recipient_count() -> int: ...
message_recipient_count = property(get_message_recipient_count, None)
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at message_recipient_count - 1.This property is read-only.
message_recipient_address Property
This property contains the email address of the recipient.
Syntax
def get_message_recipient_address(recipient_index: int) -> str: ...
Default Value
""
Remarks
This property contains the email address of the recipient.
The recipient_index parameter specifies the index of the item in the array. The size of the array is controlled by the message_recipient_count property.
This property is read-only.
message_recipient_name Property
This property contains the name of the recipient.
Syntax
def get_message_recipient_name(recipient_index: int) -> str: ...
Default Value
""
Remarks
This property contains the name of the recipient.
The recipient_index parameter specifies the index of the item in the array. The size of the array is controlled by the message_recipient_count property.
This property is read-only.
message_recipient_options Property
This property contains the recipient sending options (used only by SMTP).
Syntax
def get_message_recipient_options(recipient_index: int) -> str: ...
Default Value
""
Remarks
This property contains the recipient sending options (used only by SMTP). This must be a string of RFC-compliant recipient options (used by SMTP).
One type of option is a delivery status notification sent per recipient, which is specified by RFC 1891.
component.MessageRecipientOptions(0) = "NOTIFY SUCCESS,FAILURE,DELAY";
The recipient_index parameter specifies the index of the item in the array. The size of the array is controlled by the message_recipient_count property.
This property is read-only.
message_recipient_type Property
This property contains the recipient type: To, Cc, or Bcc.
Syntax
def get_message_recipient_type(recipient_index: int) -> int: ...
Default Value
0
Remarks
This property contains the recipient type: To, Cc, or Bcc.
The recipient_index parameter specifies the index of the item in the array. The size of the array is controlled by the message_recipient_count property.
This property is read-only.
message_reply_to Property
This property includes the value of the Reply-To header of the last retrieved message.
Syntax
def get_message_reply_to() -> str: ...
message_reply_to = property(get_message_reply_to, None)
Default Value
""
Remarks
This property contains the value of the Reply-To header of the last retrieved message. The same information also may be retrieved through the on_header event.
This property is read-only.
message_subject Property
This property includes the value of the Subject header of the last retrieved message.
Syntax
def get_message_subject() -> str: ...
message_subject = property(get_message_subject, None)
Default Value
""
Remarks
This property contains the value of the Subject header of the last retrieved message. The same information also may be retrieved through the on_header event.
This property is read-only.
message_text Property
This property includes the full text of the message as retrieved from the server.
Syntax
def get_message_text() -> str: ...
message_text = property(get_message_text, None)
Default Value
""
Remarks
This property contains the full text of the message as retrieved from the server. If the class is not connected, or message_number does not contain a valid message number, the value of this property is an empty string. Otherwise, it contains the text of the mail message as reported by the server (a maximum of max_lines).
The mail_server is asked about the text of the message only if the message_number property has changed. If message_number has not changed, the class returns a cached value.
Example. Connect and Retrieve Messages:
POPControl.MailServer = "MyPOPServer"
POPControl.User = "username"
POPControl.Password = "password"
POPControl.Connect()
POPControl.MessageNumber = 1
MessageText = POPControl.MessageText
MessageHeaders = POPControl.MessageHeaders
This property is read-only.
message_to Property
This property includes the value of the To header of the last retrieved message.
Syntax
def get_message_to() -> str: ...
message_to = property(get_message_to, None)
Default Value
""
Remarks
This property contains the value of the To header of the last retrieved message. The same information also may be retrieved through the on_header event.
This property is read-only.
password Property
This property includes the password for the mailbox user.
Syntax
def get_password() -> str: ... def set_password(value: str) -> None: ...
password = property(get_password, set_password)
Default Value
""
Remarks
This property contains the password for the mailbox user. This property must be set before the class connects to the mail_server.
signer_cert_effective_date Property
The date on which this certificate becomes valid.
Syntax
def get_signer_cert_effective_date() -> str: ...
signer_cert_effective_date = property(get_signer_cert_effective_date, None)
Default Value
""
Remarks
The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2000 15:00:00.
This property is read-only.
signer_cert_expiration_date Property
The date on which the certificate expires.
Syntax
def get_signer_cert_expiration_date() -> str: ...
signer_cert_expiration_date = property(get_signer_cert_expiration_date, None)
Default Value
""
Remarks
The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2001 15:00:00.
This property is read-only.
signer_cert_extended_key_usage Property
A comma-delimited list of extended key usage identifiers.
Syntax
def get_signer_cert_extended_key_usage() -> str: ...
signer_cert_extended_key_usage = property(get_signer_cert_extended_key_usage, None)
Default Value
""
Remarks
A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).
This property is read-only.
signer_cert_fingerprint Property
The hex-encoded, 16-byte MD5 fingerprint of the certificate.
Syntax
def get_signer_cert_fingerprint() -> str: ...
signer_cert_fingerprint = property(get_signer_cert_fingerprint, None)
Default Value
""
Remarks
The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02
This property is read-only.
signer_cert_fingerprint_sha1 Property
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.
Syntax
def get_signer_cert_fingerprint_sha1() -> str: ...
signer_cert_fingerprint_sha1 = property(get_signer_cert_fingerprint_sha1, None)
Default Value
""
Remarks
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84
This property is read-only.
signer_cert_fingerprint_sha256 Property
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.
Syntax
def get_signer_cert_fingerprint_sha256() -> str: ...
signer_cert_fingerprint_sha256 = property(get_signer_cert_fingerprint_sha256, None)
Default Value
""
Remarks
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53
This property is read-only.
signer_cert_issuer Property
The issuer of the certificate.
Syntax
def get_signer_cert_issuer() -> str: ...
signer_cert_issuer = property(get_signer_cert_issuer, None)
Default Value
""
Remarks
The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.
This property is read-only.
signer_cert_private_key Property
The private key of the certificate (if available).
Syntax
def get_signer_cert_private_key() -> str: ...
signer_cert_private_key = property(get_signer_cert_private_key, None)
Default Value
""
Remarks
The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.
Note: The signer_cert_private_key may be available but not exportable. In this case, signer_cert_private_key returns an empty string.
This property is read-only.
signer_cert_private_key_available Property
Whether a PrivateKey is available for the selected certificate.
Syntax
def get_signer_cert_private_key_available() -> bool: ...
signer_cert_private_key_available = property(get_signer_cert_private_key_available, None)
Default Value
FALSE
Remarks
Whether a signer_cert_private_key is available for the selected certificate. If signer_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).
This property is read-only.
signer_cert_private_key_container Property
The name of the PrivateKey container for the certificate (if available).
Syntax
def get_signer_cert_private_key_container() -> str: ...
signer_cert_private_key_container = property(get_signer_cert_private_key_container, None)
Default Value
""
Remarks
The name of the signer_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.
This property is read-only.
signer_cert_public_key Property
The public key of the certificate.
Syntax
def get_signer_cert_public_key() -> str: ...
signer_cert_public_key = property(get_signer_cert_public_key, None)
Default Value
""
Remarks
The public key of the certificate. The key is provided as PEM/Base64-encoded data.
This property is read-only.
signer_cert_public_key_algorithm Property
The textual description of the certificate's public key algorithm.
Syntax
def get_signer_cert_public_key_algorithm() -> str: ...
signer_cert_public_key_algorithm = property(get_signer_cert_public_key_algorithm, None)
Default Value
""
Remarks
The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.
This property is read-only.
signer_cert_public_key_length Property
The length of the certificate's public key (in bits).
Syntax
def get_signer_cert_public_key_length() -> int: ...
signer_cert_public_key_length = property(get_signer_cert_public_key_length, None)
Default Value
0
Remarks
The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.
This property is read-only.
signer_cert_serial_number Property
The serial number of the certificate encoded as a string.
Syntax
def get_signer_cert_serial_number() -> str: ...
signer_cert_serial_number = property(get_signer_cert_serial_number, None)
Default Value
""
Remarks
The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.
This property is read-only.
signer_cert_signature_algorithm Property
The text description of the certificate's signature algorithm.
Syntax
def get_signer_cert_signature_algorithm() -> str: ...
signer_cert_signature_algorithm = property(get_signer_cert_signature_algorithm, None)
Default Value
""
Remarks
The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.
This property is read-only.
signer_cert_store Property
The name of the certificate store for the client certificate.
Syntax
def get_signer_cert_store() -> bytes: ... def set_signer_cert_store(value: bytes) -> None: ...
signer_cert_store = property(get_signer_cert_store, set_signer_cert_store)
Default Value
"MY"
Remarks
The name of the certificate store for the client certificate.
The signer_cert_store_type property denotes the type of the certificate store specified by signer_cert_store. If the store is password-protected, specify the password in signer_cert_store_password.
signer_cert_store is used in conjunction with the signer_cert_subject property to specify client certificates. If signer_cert_store has a value, and signer_cert_subject or signer_cert_encoded is set, a search for a certificate is initiated. Please see the signer_cert_subject property for details.
Designations of certificate stores are platform dependent.
The following designations are the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).
signer_cert_store_password Property
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
def get_signer_cert_store_password() -> str: ... def set_signer_cert_store_password(value: str) -> None: ...
signer_cert_store_password = property(get_signer_cert_store_password, set_signer_cert_store_password)
Default Value
""
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
signer_cert_store_type Property
The type of certificate store for this certificate.
Syntax
def get_signer_cert_store_type() -> int: ... def set_signer_cert_store_type(value: int) -> None: ...
signer_cert_store_type = property(get_signer_cert_store_type, set_signer_cert_store_type)
Default Value
0
Remarks
The type of certificate store for this certificate.
The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user.
Note: This store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store.
Note: This store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS#12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates.
Note: This store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format.
Note: This store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS#7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS#7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store).
Note: This store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format.
Note: This store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS#11 interface.
To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to cstPKCS11, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the signer_cert_store and set signer_cert_store_password to the PIN. Code Example. SSH Authentication with Security Key:
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
signer_cert_subject_alt_names Property
Comma-separated lists of alternative subject names for the certificate.
Syntax
def get_signer_cert_subject_alt_names() -> str: ...
signer_cert_subject_alt_names = property(get_signer_cert_subject_alt_names, None)
Default Value
""
Remarks
Comma-separated lists of alternative subject names for the certificate.
This property is read-only.
signer_cert_thumbprint_md5 Property
The MD5 hash of the certificate.
Syntax
def get_signer_cert_thumbprint_md5() -> str: ...
signer_cert_thumbprint_md5 = property(get_signer_cert_thumbprint_md5, None)
Default Value
""
Remarks
The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
signer_cert_thumbprint_sha1 Property
The SHA-1 hash of the certificate.
Syntax
def get_signer_cert_thumbprint_sha1() -> str: ...
signer_cert_thumbprint_sha1 = property(get_signer_cert_thumbprint_sha1, None)
Default Value
""
Remarks
The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
signer_cert_thumbprint_sha256 Property
The SHA-256 hash of the certificate.
Syntax
def get_signer_cert_thumbprint_sha256() -> str: ...
signer_cert_thumbprint_sha256 = property(get_signer_cert_thumbprint_sha256, None)
Default Value
""
Remarks
The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
signer_cert_usage Property
The text description of UsageFlags .
Syntax
def get_signer_cert_usage() -> str: ...
signer_cert_usage = property(get_signer_cert_usage, None)
Default Value
""
Remarks
The text description of signer_cert_usage_flags.
This value will be one or more of the following strings and will be separated by commas:
- Digital Signature
- Non-Repudiation
- Key Encipherment
- Data Encipherment
- Key Agreement
- Certificate Signing
- CRL Signing
- Encipher Only
If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.
This property is read-only.
signer_cert_usage_flags Property
The flags that show intended use for the certificate.
Syntax
def get_signer_cert_usage_flags() -> int: ...
signer_cert_usage_flags = property(get_signer_cert_usage_flags, None)
Default Value
0
Remarks
The flags that show intended use for the certificate. The value of signer_cert_usage_flags is a combination of the following flags:
0x80 | Digital Signature |
0x40 | Non-Repudiation |
0x20 | Key Encipherment |
0x10 | Data Encipherment |
0x08 | Key Agreement |
0x04 | Certificate Signing |
0x02 | CRL Signing |
0x01 | Encipher Only |
Please see the signer_cert_usage property for a text representation of signer_cert_usage_flags.
This functionality currently is not available when the provider is OpenSSL.
This property is read-only.
signer_cert_version Property
The certificate's version number.
Syntax
def get_signer_cert_version() -> str: ...
signer_cert_version = property(get_signer_cert_version, None)
Default Value
""
Remarks
The certificate's version number. The possible values are the strings "V1", "V2", and "V3".
This property is read-only.
signer_cert_subject Property
The subject of the certificate used for client authentication.
Syntax
def get_signer_cert_subject() -> str: ... def set_signer_cert_subject(value: str) -> None: ...
signer_cert_subject = property(get_signer_cert_subject, set_signer_cert_subject)
Default Value
""
Remarks
The subject of the certificate used for client authentication.
This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:
Field | Meaning |
CN | Common Name. This is commonly a hostname like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
signer_cert_encoded Property
The certificate (PEM/Base64 encoded).
Syntax
def get_signer_cert_encoded() -> bytes: ... def set_signer_cert_encoded(value: bytes) -> None: ...
signer_cert_encoded = property(get_signer_cert_encoded, set_signer_cert_encoded)
Default Value
""
Remarks
The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The signer_cert_store and signer_cert_subject properties also may be used to specify a certificate.
When signer_cert_encoded is set, a search is initiated in the current signer_cert_store for the private key of the certificate. If the key is found, signer_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, signer_cert_subject is set to an empty string.
signer_cert_chain_count Property
The number of records in the SignerCertChain arrays.
Syntax
def get_signer_cert_chain_count() -> int: ...
signer_cert_chain_count = property(get_signer_cert_chain_count, None)
Default Value
0
Remarks
This property controls the size of the following arrays:
- signer_cert_chain_effective_date
- signer_cert_chain_encoded
- signer_cert_chain_expiration_date
- signer_cert_chain_extended_key_usage
- signer_cert_chain_fingerprint
- signer_cert_chain_fingerprint_sha1
- signer_cert_chain_fingerprint_sha256
- signer_cert_chain_issuer
- signer_cert_chain_private_key
- signer_cert_chain_private_key_available
- signer_cert_chain_private_key_container
- signer_cert_chain_public_key
- signer_cert_chain_public_key_algorithm
- signer_cert_chain_public_key_length
- signer_cert_chain_serial_number
- signer_cert_chain_signature_algorithm
- signer_cert_chain_store
- signer_cert_chain_store_password
- signer_cert_chain_store_type
- signer_cert_chain_subject
- signer_cert_chain_subject_alt_names
- signer_cert_chain_thumbprint_md5
- signer_cert_chain_thumbprint_sha1
- signer_cert_chain_thumbprint_sha256
- signer_cert_chain_usage
- signer_cert_chain_usage_flags
- signer_cert_chain_version
This property is read-only.
signer_cert_chain_effective_date Property
The date on which this certificate becomes valid.
Syntax
def get_signer_cert_chain_effective_date(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2000 15:00:00.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_expiration_date Property
The date on which the certificate expires.
Syntax
def get_signer_cert_chain_expiration_date(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2001 15:00:00.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_extended_key_usage Property
A comma-delimited list of extended key usage identifiers.
Syntax
def get_signer_cert_chain_extended_key_usage(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_fingerprint Property
The hex-encoded, 16-byte MD5 fingerprint of the certificate.
Syntax
def get_signer_cert_chain_fingerprint(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_fingerprint_sha1 Property
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.
Syntax
def get_signer_cert_chain_fingerprint_sha1(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_fingerprint_sha256 Property
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.
Syntax
def get_signer_cert_chain_fingerprint_sha256(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_issuer Property
The issuer of the certificate.
Syntax
def get_signer_cert_chain_issuer(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_private_key Property
The private key of the certificate (if available).
Syntax
def get_signer_cert_chain_private_key(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.
Note: The signer_cert_chain_private_key may be available but not exportable. In this case, signer_cert_chain_private_key returns an empty string.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_private_key_available Property
Whether a PrivateKey is available for the selected certificate.
Syntax
def get_signer_cert_chain_private_key_available(signer_cert_chain_index: int) -> bool: ...
Default Value
FALSE
Remarks
Whether a signer_cert_chain_private_key is available for the selected certificate. If signer_cert_chain_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_private_key_container Property
The name of the PrivateKey container for the certificate (if available).
Syntax
def get_signer_cert_chain_private_key_container(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The name of the signer_cert_chain_private_key container for the certificate (if available). This functionality is available only on Windows platforms.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_public_key Property
The public key of the certificate.
Syntax
def get_signer_cert_chain_public_key(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The public key of the certificate. The key is provided as PEM/Base64-encoded data.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_public_key_algorithm Property
The textual description of the certificate's public key algorithm.
Syntax
def get_signer_cert_chain_public_key_algorithm(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_public_key_length Property
The length of the certificate's public key (in bits).
Syntax
def get_signer_cert_chain_public_key_length(signer_cert_chain_index: int) -> int: ...
Default Value
0
Remarks
The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_serial_number Property
The serial number of the certificate encoded as a string.
Syntax
def get_signer_cert_chain_serial_number(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_signature_algorithm Property
The text description of the certificate's signature algorithm.
Syntax
def get_signer_cert_chain_signature_algorithm(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_store Property
The name of the certificate store for the client certificate.
Syntax
def get_signer_cert_chain_store(signer_cert_chain_index: int) -> bytes: ...
Default Value
"MY"
Remarks
The name of the certificate store for the client certificate.
The signer_cert_chain_store_type property denotes the type of the certificate store specified by signer_cert_chain_store. If the store is password-protected, specify the password in signer_cert_chain_store_password.
signer_cert_chain_store is used in conjunction with the signer_cert_chain_subject property to specify client certificates. If signer_cert_chain_store has a value, and signer_cert_chain_subject or signer_cert_chain_encoded is set, a search for a certificate is initiated. Please see the signer_cert_chain_subject property for details.
Designations of certificate stores are platform dependent.
The following designations are the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_store_password Property
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
def get_signer_cert_chain_store_password(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_store_type Property
The type of certificate store for this certificate.
Syntax
def get_signer_cert_chain_store_type(signer_cert_chain_index: int) -> int: ...
Default Value
0
Remarks
The type of certificate store for this certificate.
The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user.
Note: This store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store.
Note: This store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS#12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates.
Note: This store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format.
Note: This store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS#7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS#7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store).
Note: This store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format.
Note: This store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS#11 interface.
To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to cstPKCS11, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the signer_cert_chain_store and set signer_cert_chain_store_password to the PIN. Code Example. SSH Authentication with Security Key:
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_subject_alt_names Property
Comma-separated lists of alternative subject names for the certificate.
Syntax
def get_signer_cert_chain_subject_alt_names(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
Comma-separated lists of alternative subject names for the certificate.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_thumbprint_md5 Property
The MD5 hash of the certificate.
Syntax
def get_signer_cert_chain_thumbprint_md5(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_thumbprint_sha1 Property
The SHA-1 hash of the certificate.
Syntax
def get_signer_cert_chain_thumbprint_sha1(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_thumbprint_sha256 Property
The SHA-256 hash of the certificate.
Syntax
def get_signer_cert_chain_thumbprint_sha256(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_usage Property
The text description of UsageFlags .
Syntax
def get_signer_cert_chain_usage(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The text description of signer_cert_chain_usage_flags.
This value will be one or more of the following strings and will be separated by commas:
- Digital Signature
- Non-Repudiation
- Key Encipherment
- Data Encipherment
- Key Agreement
- Certificate Signing
- CRL Signing
- Encipher Only
If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_usage_flags Property
The flags that show intended use for the certificate.
Syntax
def get_signer_cert_chain_usage_flags(signer_cert_chain_index: int) -> int: ...
Default Value
0
Remarks
The flags that show intended use for the certificate. The value of signer_cert_chain_usage_flags is a combination of the following flags:
0x80 | Digital Signature |
0x40 | Non-Repudiation |
0x20 | Key Encipherment |
0x10 | Data Encipherment |
0x08 | Key Agreement |
0x04 | Certificate Signing |
0x02 | CRL Signing |
0x01 | Encipher Only |
Please see the signer_cert_chain_usage property for a text representation of signer_cert_chain_usage_flags.
This functionality currently is not available when the provider is OpenSSL.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_version Property
The certificate's version number.
Syntax
def get_signer_cert_chain_version(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The certificate's version number. The possible values are the strings "V1", "V2", and "V3".
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_subject Property
The subject of the certificate used for client authentication.
Syntax
def get_signer_cert_chain_subject(signer_cert_chain_index: int) -> str: ...
Default Value
""
Remarks
The subject of the certificate used for client authentication.
This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:
Field | Meaning |
CN | Common Name. This is commonly a hostname like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signer_cert_chain_encoded Property
The certificate (PEM/Base64 encoded).
Syntax
def get_signer_cert_chain_encoded(signer_cert_chain_index: int) -> bytes: ...
Default Value
""
Remarks
The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The signer_cert_chain_store and signer_cert_chain_subject properties also may be used to specify a certificate.
When signer_cert_chain_encoded is set, a search is initiated in the current signer_cert_chain_store for the private key of the certificate. If the key is found, signer_cert_chain_subject is updated to reflect the full subject of the selected certificate; otherwise, signer_cert_chain_subject is set to an empty string.
The signer_cert_chain_index parameter specifies the index of the item in the array. The size of the array is controlled by the signer_cert_chain_count property.
This property is read-only.
signing_algorithm Property
This property includes a textual description of the signature hash algorithm.
Syntax
def get_signing_algorithm() -> str: ... def set_signing_algorithm(value: str) -> None: ...
signing_algorithm = property(get_signing_algorithm, set_signing_algorithm)
Default Value
"SHA256"
Remarks
This property specifies the hash algorithm used to prepare the message digest for signature.
This property must contain either the name of the algorithm (such as MD5 or SHA1), or an object Id (OID) string representing the hash algorithm. Possible values are as follows:
- sha1
- md5
- sha-256 (default)
- sha-384
- sha-512
- sha-224
When read, the value of the property always contains the OID of the algorithm, or an empty string if the algorithm is unknown.
ssl_accept_server_cert_effective_date Property
The date on which this certificate becomes valid.
Syntax
def get_ssl_accept_server_cert_effective_date() -> str: ...
ssl_accept_server_cert_effective_date = property(get_ssl_accept_server_cert_effective_date, None)
Default Value
""
Remarks
The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2000 15:00:00.
This property is read-only.
ssl_accept_server_cert_expiration_date Property
The date on which the certificate expires.
Syntax
def get_ssl_accept_server_cert_expiration_date() -> str: ...
ssl_accept_server_cert_expiration_date = property(get_ssl_accept_server_cert_expiration_date, None)
Default Value
""
Remarks
The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2001 15:00:00.
This property is read-only.
ssl_accept_server_cert_extended_key_usage Property
A comma-delimited list of extended key usage identifiers.
Syntax
def get_ssl_accept_server_cert_extended_key_usage() -> str: ...
ssl_accept_server_cert_extended_key_usage = property(get_ssl_accept_server_cert_extended_key_usage, None)
Default Value
""
Remarks
A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).
This property is read-only.
ssl_accept_server_cert_fingerprint Property
The hex-encoded, 16-byte MD5 fingerprint of the certificate.
Syntax
def get_ssl_accept_server_cert_fingerprint() -> str: ...
ssl_accept_server_cert_fingerprint = property(get_ssl_accept_server_cert_fingerprint, None)
Default Value
""
Remarks
The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02
This property is read-only.
ssl_accept_server_cert_fingerprint_sha1 Property
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.
Syntax
def get_ssl_accept_server_cert_fingerprint_sha1() -> str: ...
ssl_accept_server_cert_fingerprint_sha1 = property(get_ssl_accept_server_cert_fingerprint_sha1, None)
Default Value
""
Remarks
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84
This property is read-only.
ssl_accept_server_cert_fingerprint_sha256 Property
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.
Syntax
def get_ssl_accept_server_cert_fingerprint_sha256() -> str: ...
ssl_accept_server_cert_fingerprint_sha256 = property(get_ssl_accept_server_cert_fingerprint_sha256, None)
Default Value
""
Remarks
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53
This property is read-only.
ssl_accept_server_cert_issuer Property
The issuer of the certificate.
Syntax
def get_ssl_accept_server_cert_issuer() -> str: ...
ssl_accept_server_cert_issuer = property(get_ssl_accept_server_cert_issuer, None)
Default Value
""
Remarks
The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.
This property is read-only.
ssl_accept_server_cert_private_key Property
The private key of the certificate (if available).
Syntax
def get_ssl_accept_server_cert_private_key() -> str: ...
ssl_accept_server_cert_private_key = property(get_ssl_accept_server_cert_private_key, None)
Default Value
""
Remarks
The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.
Note: The ssl_accept_server_cert_private_key may be available but not exportable. In this case, ssl_accept_server_cert_private_key returns an empty string.
This property is read-only.
ssl_accept_server_cert_private_key_available Property
Whether a PrivateKey is available for the selected certificate.
Syntax
def get_ssl_accept_server_cert_private_key_available() -> bool: ...
ssl_accept_server_cert_private_key_available = property(get_ssl_accept_server_cert_private_key_available, None)
Default Value
FALSE
Remarks
Whether a ssl_accept_server_cert_private_key is available for the selected certificate. If ssl_accept_server_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).
This property is read-only.
ssl_accept_server_cert_private_key_container Property
The name of the PrivateKey container for the certificate (if available).
Syntax
def get_ssl_accept_server_cert_private_key_container() -> str: ...
ssl_accept_server_cert_private_key_container = property(get_ssl_accept_server_cert_private_key_container, None)
Default Value
""
Remarks
The name of the ssl_accept_server_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.
This property is read-only.
ssl_accept_server_cert_public_key Property
The public key of the certificate.
Syntax
def get_ssl_accept_server_cert_public_key() -> str: ...
ssl_accept_server_cert_public_key = property(get_ssl_accept_server_cert_public_key, None)
Default Value
""
Remarks
The public key of the certificate. The key is provided as PEM/Base64-encoded data.
This property is read-only.
ssl_accept_server_cert_public_key_algorithm Property
The textual description of the certificate's public key algorithm.
Syntax
def get_ssl_accept_server_cert_public_key_algorithm() -> str: ...
ssl_accept_server_cert_public_key_algorithm = property(get_ssl_accept_server_cert_public_key_algorithm, None)
Default Value
""
Remarks
The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_accept_server_cert_public_key_length Property
The length of the certificate's public key (in bits).
Syntax
def get_ssl_accept_server_cert_public_key_length() -> int: ...
ssl_accept_server_cert_public_key_length = property(get_ssl_accept_server_cert_public_key_length, None)
Default Value
0
Remarks
The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.
This property is read-only.
ssl_accept_server_cert_serial_number Property
The serial number of the certificate encoded as a string.
Syntax
def get_ssl_accept_server_cert_serial_number() -> str: ...
ssl_accept_server_cert_serial_number = property(get_ssl_accept_server_cert_serial_number, None)
Default Value
""
Remarks
The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.
This property is read-only.
ssl_accept_server_cert_signature_algorithm Property
The text description of the certificate's signature algorithm.
Syntax
def get_ssl_accept_server_cert_signature_algorithm() -> str: ...
ssl_accept_server_cert_signature_algorithm = property(get_ssl_accept_server_cert_signature_algorithm, None)
Default Value
""
Remarks
The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_accept_server_cert_store Property
The name of the certificate store for the client certificate.
Syntax
def get_ssl_accept_server_cert_store() -> bytes: ... def set_ssl_accept_server_cert_store(value: bytes) -> None: ...
ssl_accept_server_cert_store = property(get_ssl_accept_server_cert_store, set_ssl_accept_server_cert_store)
Default Value
"MY"
Remarks
The name of the certificate store for the client certificate.
The ssl_accept_server_cert_store_type property denotes the type of the certificate store specified by ssl_accept_server_cert_store. If the store is password-protected, specify the password in ssl_accept_server_cert_store_password.
ssl_accept_server_cert_store is used in conjunction with the ssl_accept_server_cert_subject property to specify client certificates. If ssl_accept_server_cert_store has a value, and ssl_accept_server_cert_subject or ssl_accept_server_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_accept_server_cert_subject property for details.
Designations of certificate stores are platform dependent.
The following designations are the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).
ssl_accept_server_cert_store_password Property
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
def get_ssl_accept_server_cert_store_password() -> str: ... def set_ssl_accept_server_cert_store_password(value: str) -> None: ...
ssl_accept_server_cert_store_password = property(get_ssl_accept_server_cert_store_password, set_ssl_accept_server_cert_store_password)
Default Value
""
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
ssl_accept_server_cert_store_type Property
The type of certificate store for this certificate.
Syntax
def get_ssl_accept_server_cert_store_type() -> int: ... def set_ssl_accept_server_cert_store_type(value: int) -> None: ...
ssl_accept_server_cert_store_type = property(get_ssl_accept_server_cert_store_type, set_ssl_accept_server_cert_store_type)
Default Value
0
Remarks
The type of certificate store for this certificate.
The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user.
Note: This store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store.
Note: This store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS#12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates.
Note: This store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format.
Note: This store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS#7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS#7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store).
Note: This store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format.
Note: This store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS#11 interface.
To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to cstPKCS11, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the ssl_accept_server_cert_store and set ssl_accept_server_cert_store_password to the PIN. Code Example. SSH Authentication with Security Key:
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
ssl_accept_server_cert_subject_alt_names Property
Comma-separated lists of alternative subject names for the certificate.
Syntax
def get_ssl_accept_server_cert_subject_alt_names() -> str: ...
ssl_accept_server_cert_subject_alt_names = property(get_ssl_accept_server_cert_subject_alt_names, None)
Default Value
""
Remarks
Comma-separated lists of alternative subject names for the certificate.
This property is read-only.
ssl_accept_server_cert_thumbprint_md5 Property
The MD5 hash of the certificate.
Syntax
def get_ssl_accept_server_cert_thumbprint_md5() -> str: ...
ssl_accept_server_cert_thumbprint_md5 = property(get_ssl_accept_server_cert_thumbprint_md5, None)
Default Value
""
Remarks
The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_accept_server_cert_thumbprint_sha1 Property
The SHA-1 hash of the certificate.
Syntax
def get_ssl_accept_server_cert_thumbprint_sha1() -> str: ...
ssl_accept_server_cert_thumbprint_sha1 = property(get_ssl_accept_server_cert_thumbprint_sha1, None)
Default Value
""
Remarks
The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_accept_server_cert_thumbprint_sha256 Property
The SHA-256 hash of the certificate.
Syntax
def get_ssl_accept_server_cert_thumbprint_sha256() -> str: ...
ssl_accept_server_cert_thumbprint_sha256 = property(get_ssl_accept_server_cert_thumbprint_sha256, None)
Default Value
""
Remarks
The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_accept_server_cert_usage Property
The text description of UsageFlags .
Syntax
def get_ssl_accept_server_cert_usage() -> str: ...
ssl_accept_server_cert_usage = property(get_ssl_accept_server_cert_usage, None)
Default Value
""
Remarks
The text description of ssl_accept_server_cert_usage_flags.
This value will be one or more of the following strings and will be separated by commas:
- Digital Signature
- Non-Repudiation
- Key Encipherment
- Data Encipherment
- Key Agreement
- Certificate Signing
- CRL Signing
- Encipher Only
If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.
This property is read-only.
ssl_accept_server_cert_usage_flags Property
The flags that show intended use for the certificate.
Syntax
def get_ssl_accept_server_cert_usage_flags() -> int: ...
ssl_accept_server_cert_usage_flags = property(get_ssl_accept_server_cert_usage_flags, None)
Default Value
0
Remarks
The flags that show intended use for the certificate. The value of ssl_accept_server_cert_usage_flags is a combination of the following flags:
0x80 | Digital Signature |
0x40 | Non-Repudiation |
0x20 | Key Encipherment |
0x10 | Data Encipherment |
0x08 | Key Agreement |
0x04 | Certificate Signing |
0x02 | CRL Signing |
0x01 | Encipher Only |
Please see the ssl_accept_server_cert_usage property for a text representation of ssl_accept_server_cert_usage_flags.
This functionality currently is not available when the provider is OpenSSL.
This property is read-only.
ssl_accept_server_cert_version Property
The certificate's version number.
Syntax
def get_ssl_accept_server_cert_version() -> str: ...
ssl_accept_server_cert_version = property(get_ssl_accept_server_cert_version, None)
Default Value
""
Remarks
The certificate's version number. The possible values are the strings "V1", "V2", and "V3".
This property is read-only.
ssl_accept_server_cert_subject Property
The subject of the certificate used for client authentication.
Syntax
def get_ssl_accept_server_cert_subject() -> str: ... def set_ssl_accept_server_cert_subject(value: str) -> None: ...
ssl_accept_server_cert_subject = property(get_ssl_accept_server_cert_subject, set_ssl_accept_server_cert_subject)
Default Value
""
Remarks
The subject of the certificate used for client authentication.
This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:
Field | Meaning |
CN | Common Name. This is commonly a hostname like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
ssl_accept_server_cert_encoded Property
The certificate (PEM/Base64 encoded).
Syntax
def get_ssl_accept_server_cert_encoded() -> bytes: ... def set_ssl_accept_server_cert_encoded(value: bytes) -> None: ...
ssl_accept_server_cert_encoded = property(get_ssl_accept_server_cert_encoded, set_ssl_accept_server_cert_encoded)
Default Value
""
Remarks
The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_accept_server_cert_store and ssl_accept_server_cert_subject properties also may be used to specify a certificate.
When ssl_accept_server_cert_encoded is set, a search is initiated in the current ssl_accept_server_cert_store for the private key of the certificate. If the key is found, ssl_accept_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_accept_server_cert_subject is set to an empty string.
ssl_cert_effective_date Property
The date on which this certificate becomes valid.
Syntax
def get_ssl_cert_effective_date() -> str: ...
ssl_cert_effective_date = property(get_ssl_cert_effective_date, None)
Default Value
""
Remarks
The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2000 15:00:00.
This property is read-only.
ssl_cert_expiration_date Property
The date on which the certificate expires.
Syntax
def get_ssl_cert_expiration_date() -> str: ...
ssl_cert_expiration_date = property(get_ssl_cert_expiration_date, None)
Default Value
""
Remarks
The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2001 15:00:00.
This property is read-only.
ssl_cert_extended_key_usage Property
A comma-delimited list of extended key usage identifiers.
Syntax
def get_ssl_cert_extended_key_usage() -> str: ...
ssl_cert_extended_key_usage = property(get_ssl_cert_extended_key_usage, None)
Default Value
""
Remarks
A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).
This property is read-only.
ssl_cert_fingerprint Property
The hex-encoded, 16-byte MD5 fingerprint of the certificate.
Syntax
def get_ssl_cert_fingerprint() -> str: ...
ssl_cert_fingerprint = property(get_ssl_cert_fingerprint, None)
Default Value
""
Remarks
The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02
This property is read-only.
ssl_cert_fingerprint_sha1 Property
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.
Syntax
def get_ssl_cert_fingerprint_sha1() -> str: ...
ssl_cert_fingerprint_sha1 = property(get_ssl_cert_fingerprint_sha1, None)
Default Value
""
Remarks
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84
This property is read-only.
ssl_cert_fingerprint_sha256 Property
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.
Syntax
def get_ssl_cert_fingerprint_sha256() -> str: ...
ssl_cert_fingerprint_sha256 = property(get_ssl_cert_fingerprint_sha256, None)
Default Value
""
Remarks
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53
This property is read-only.
ssl_cert_issuer Property
The issuer of the certificate.
Syntax
def get_ssl_cert_issuer() -> str: ...
ssl_cert_issuer = property(get_ssl_cert_issuer, None)
Default Value
""
Remarks
The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.
This property is read-only.
ssl_cert_private_key Property
The private key of the certificate (if available).
Syntax
def get_ssl_cert_private_key() -> str: ...
ssl_cert_private_key = property(get_ssl_cert_private_key, None)
Default Value
""
Remarks
The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.
Note: The ssl_cert_private_key may be available but not exportable. In this case, ssl_cert_private_key returns an empty string.
This property is read-only.
ssl_cert_private_key_available Property
Whether a PrivateKey is available for the selected certificate.
Syntax
def get_ssl_cert_private_key_available() -> bool: ...
ssl_cert_private_key_available = property(get_ssl_cert_private_key_available, None)
Default Value
FALSE
Remarks
Whether a ssl_cert_private_key is available for the selected certificate. If ssl_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).
This property is read-only.
ssl_cert_private_key_container Property
The name of the PrivateKey container for the certificate (if available).
Syntax
def get_ssl_cert_private_key_container() -> str: ...
ssl_cert_private_key_container = property(get_ssl_cert_private_key_container, None)
Default Value
""
Remarks
The name of the ssl_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.
This property is read-only.
ssl_cert_public_key Property
The public key of the certificate.
Syntax
def get_ssl_cert_public_key() -> str: ...
ssl_cert_public_key = property(get_ssl_cert_public_key, None)
Default Value
""
Remarks
The public key of the certificate. The key is provided as PEM/Base64-encoded data.
This property is read-only.
ssl_cert_public_key_algorithm Property
The textual description of the certificate's public key algorithm.
Syntax
def get_ssl_cert_public_key_algorithm() -> str: ...
ssl_cert_public_key_algorithm = property(get_ssl_cert_public_key_algorithm, None)
Default Value
""
Remarks
The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_cert_public_key_length Property
The length of the certificate's public key (in bits).
Syntax
def get_ssl_cert_public_key_length() -> int: ...
ssl_cert_public_key_length = property(get_ssl_cert_public_key_length, None)
Default Value
0
Remarks
The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.
This property is read-only.
ssl_cert_serial_number Property
The serial number of the certificate encoded as a string.
Syntax
def get_ssl_cert_serial_number() -> str: ...
ssl_cert_serial_number = property(get_ssl_cert_serial_number, None)
Default Value
""
Remarks
The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.
This property is read-only.
ssl_cert_signature_algorithm Property
The text description of the certificate's signature algorithm.
Syntax
def get_ssl_cert_signature_algorithm() -> str: ...
ssl_cert_signature_algorithm = property(get_ssl_cert_signature_algorithm, None)
Default Value
""
Remarks
The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_cert_store Property
The name of the certificate store for the client certificate.
Syntax
def get_ssl_cert_store() -> bytes: ... def set_ssl_cert_store(value: bytes) -> None: ...
ssl_cert_store = property(get_ssl_cert_store, set_ssl_cert_store)
Default Value
"MY"
Remarks
The name of the certificate store for the client certificate.
The ssl_cert_store_type property denotes the type of the certificate store specified by ssl_cert_store. If the store is password-protected, specify the password in ssl_cert_store_password.
ssl_cert_store is used in conjunction with the ssl_cert_subject property to specify client certificates. If ssl_cert_store has a value, and ssl_cert_subject or ssl_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_cert_subject property for details.
Designations of certificate stores are platform dependent.
The following designations are the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).
ssl_cert_store_password Property
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
def get_ssl_cert_store_password() -> str: ... def set_ssl_cert_store_password(value: str) -> None: ...
ssl_cert_store_password = property(get_ssl_cert_store_password, set_ssl_cert_store_password)
Default Value
""
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
ssl_cert_store_type Property
The type of certificate store for this certificate.
Syntax
def get_ssl_cert_store_type() -> int: ... def set_ssl_cert_store_type(value: int) -> None: ...
ssl_cert_store_type = property(get_ssl_cert_store_type, set_ssl_cert_store_type)
Default Value
0
Remarks
The type of certificate store for this certificate.
The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user.
Note: This store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store.
Note: This store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS#12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates.
Note: This store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format.
Note: This store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS#7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS#7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store).
Note: This store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format.
Note: This store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS#11 interface.
To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to cstPKCS11, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the ssl_cert_store and set ssl_cert_store_password to the PIN. Code Example. SSH Authentication with Security Key:
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
ssl_cert_subject_alt_names Property
Comma-separated lists of alternative subject names for the certificate.
Syntax
def get_ssl_cert_subject_alt_names() -> str: ...
ssl_cert_subject_alt_names = property(get_ssl_cert_subject_alt_names, None)
Default Value
""
Remarks
Comma-separated lists of alternative subject names for the certificate.
This property is read-only.
ssl_cert_thumbprint_md5 Property
The MD5 hash of the certificate.
Syntax
def get_ssl_cert_thumbprint_md5() -> str: ...
ssl_cert_thumbprint_md5 = property(get_ssl_cert_thumbprint_md5, None)
Default Value
""
Remarks
The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_cert_thumbprint_sha1 Property
The SHA-1 hash of the certificate.
Syntax
def get_ssl_cert_thumbprint_sha1() -> str: ...
ssl_cert_thumbprint_sha1 = property(get_ssl_cert_thumbprint_sha1, None)
Default Value
""
Remarks
The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_cert_thumbprint_sha256 Property
The SHA-256 hash of the certificate.
Syntax
def get_ssl_cert_thumbprint_sha256() -> str: ...
ssl_cert_thumbprint_sha256 = property(get_ssl_cert_thumbprint_sha256, None)
Default Value
""
Remarks
The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_cert_usage Property
The text description of UsageFlags .
Syntax
def get_ssl_cert_usage() -> str: ...
ssl_cert_usage = property(get_ssl_cert_usage, None)
Default Value
""
Remarks
The text description of ssl_cert_usage_flags.
This value will be one or more of the following strings and will be separated by commas:
- Digital Signature
- Non-Repudiation
- Key Encipherment
- Data Encipherment
- Key Agreement
- Certificate Signing
- CRL Signing
- Encipher Only
If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.
This property is read-only.
ssl_cert_usage_flags Property
The flags that show intended use for the certificate.
Syntax
def get_ssl_cert_usage_flags() -> int: ...
ssl_cert_usage_flags = property(get_ssl_cert_usage_flags, None)
Default Value
0
Remarks
The flags that show intended use for the certificate. The value of ssl_cert_usage_flags is a combination of the following flags:
0x80 | Digital Signature |
0x40 | Non-Repudiation |
0x20 | Key Encipherment |
0x10 | Data Encipherment |
0x08 | Key Agreement |
0x04 | Certificate Signing |
0x02 | CRL Signing |
0x01 | Encipher Only |
Please see the ssl_cert_usage property for a text representation of ssl_cert_usage_flags.
This functionality currently is not available when the provider is OpenSSL.
This property is read-only.
ssl_cert_version Property
The certificate's version number.
Syntax
def get_ssl_cert_version() -> str: ...
ssl_cert_version = property(get_ssl_cert_version, None)
Default Value
""
Remarks
The certificate's version number. The possible values are the strings "V1", "V2", and "V3".
This property is read-only.
ssl_cert_subject Property
The subject of the certificate used for client authentication.
Syntax
def get_ssl_cert_subject() -> str: ... def set_ssl_cert_subject(value: str) -> None: ...
ssl_cert_subject = property(get_ssl_cert_subject, set_ssl_cert_subject)
Default Value
""
Remarks
The subject of the certificate used for client authentication.
This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:
Field | Meaning |
CN | Common Name. This is commonly a hostname like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
ssl_cert_encoded Property
The certificate (PEM/Base64 encoded).
Syntax
def get_ssl_cert_encoded() -> bytes: ... def set_ssl_cert_encoded(value: bytes) -> None: ...
ssl_cert_encoded = property(get_ssl_cert_encoded, set_ssl_cert_encoded)
Default Value
""
Remarks
The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_cert_store and ssl_cert_subject properties also may be used to specify a certificate.
When ssl_cert_encoded is set, a search is initiated in the current ssl_cert_store for the private key of the certificate. If the key is found, ssl_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_cert_subject is set to an empty string.
ssl_enabled Property
This property indicates whether Transport Layer Security/Secure Sockets Layer (TLS/SSL) is enabled.
Syntax
def get_ssl_enabled() -> bool: ... def set_ssl_enabled(value: bool) -> None: ...
ssl_enabled = property(get_ssl_enabled, set_ssl_enabled)
Default Value
FALSE
Remarks
This property specifies whether TLS/SSL is enabled in the class. When False (default), the class operates in plaintext mode. When True, TLS/SSL is enabled.
TLS/SSL may also be enabled by setting ssl_start_mode. Setting ssl_start_mode will automatically update this property value.
ssl_provider Property
The Secure Sockets Layer/Transport Layer Security (SSL/TLS) implementation to use.
Syntax
def get_ssl_provider() -> int: ... def set_ssl_provider(value: int) -> None: ...
ssl_provider = property(get_ssl_provider, set_ssl_provider)
Default Value
0
Remarks
This property specifies the SSL/TLS implementation to use. In most cases the default value of 0 (Automatic) is recommended and should not be changed. When set to 0 (Automatic), the class will select whether to use the platform implementation or the internal implementation depending on the operating system as well as the TLS version being used.
Possible values are as follows:
0 (sslpAutomatic - default) | Automatically selects the appropriate implementation. |
1 (sslpPlatform) | Uses the platform/system implementation. |
2 (sslpInternal) | Uses the internal implementation. |
In most cases using the default value (Automatic) is recommended. The class will select a provider depending on the current platform.
When Automatic is selected, on Windows, the class will use the platform implementation. On Linux/macOS, the class will use the internal implementation. When TLS 1.3 is enabled via SSLEnabledProtocols, the internal implementation is used on all platforms.
ssl_server_cert_effective_date Property
The date on which this certificate becomes valid.
Syntax
def get_ssl_server_cert_effective_date() -> str: ...
ssl_server_cert_effective_date = property(get_ssl_server_cert_effective_date, None)
Default Value
""
Remarks
The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2000 15:00:00.
This property is read-only.
ssl_server_cert_expiration_date Property
The date on which the certificate expires.
Syntax
def get_ssl_server_cert_expiration_date() -> str: ...
ssl_server_cert_expiration_date = property(get_ssl_server_cert_expiration_date, None)
Default Value
""
Remarks
The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2001 15:00:00.
This property is read-only.
ssl_server_cert_extended_key_usage Property
A comma-delimited list of extended key usage identifiers.
Syntax
def get_ssl_server_cert_extended_key_usage() -> str: ...
ssl_server_cert_extended_key_usage = property(get_ssl_server_cert_extended_key_usage, None)
Default Value
""
Remarks
A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).
This property is read-only.
ssl_server_cert_fingerprint Property
The hex-encoded, 16-byte MD5 fingerprint of the certificate.
Syntax
def get_ssl_server_cert_fingerprint() -> str: ...
ssl_server_cert_fingerprint = property(get_ssl_server_cert_fingerprint, None)
Default Value
""
Remarks
The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02
This property is read-only.
ssl_server_cert_fingerprint_sha1 Property
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.
Syntax
def get_ssl_server_cert_fingerprint_sha1() -> str: ...
ssl_server_cert_fingerprint_sha1 = property(get_ssl_server_cert_fingerprint_sha1, None)
Default Value
""
Remarks
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84
This property is read-only.
ssl_server_cert_fingerprint_sha256 Property
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.
Syntax
def get_ssl_server_cert_fingerprint_sha256() -> str: ...
ssl_server_cert_fingerprint_sha256 = property(get_ssl_server_cert_fingerprint_sha256, None)
Default Value
""
Remarks
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53
This property is read-only.
ssl_server_cert_issuer Property
The issuer of the certificate.
Syntax
def get_ssl_server_cert_issuer() -> str: ...
ssl_server_cert_issuer = property(get_ssl_server_cert_issuer, None)
Default Value
""
Remarks
The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.
This property is read-only.
ssl_server_cert_private_key Property
The private key of the certificate (if available).
Syntax
def get_ssl_server_cert_private_key() -> str: ...
ssl_server_cert_private_key = property(get_ssl_server_cert_private_key, None)
Default Value
""
Remarks
The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.
Note: The ssl_server_cert_private_key may be available but not exportable. In this case, ssl_server_cert_private_key returns an empty string.
This property is read-only.
ssl_server_cert_private_key_available Property
Whether a PrivateKey is available for the selected certificate.
Syntax
def get_ssl_server_cert_private_key_available() -> bool: ...
ssl_server_cert_private_key_available = property(get_ssl_server_cert_private_key_available, None)
Default Value
FALSE
Remarks
Whether a ssl_server_cert_private_key is available for the selected certificate. If ssl_server_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).
This property is read-only.
ssl_server_cert_private_key_container Property
The name of the PrivateKey container for the certificate (if available).
Syntax
def get_ssl_server_cert_private_key_container() -> str: ...
ssl_server_cert_private_key_container = property(get_ssl_server_cert_private_key_container, None)
Default Value
""
Remarks
The name of the ssl_server_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.
This property is read-only.
ssl_server_cert_public_key Property
The public key of the certificate.
Syntax
def get_ssl_server_cert_public_key() -> str: ...
ssl_server_cert_public_key = property(get_ssl_server_cert_public_key, None)
Default Value
""
Remarks
The public key of the certificate. The key is provided as PEM/Base64-encoded data.
This property is read-only.
ssl_server_cert_public_key_algorithm Property
The textual description of the certificate's public key algorithm.
Syntax
def get_ssl_server_cert_public_key_algorithm() -> str: ...
ssl_server_cert_public_key_algorithm = property(get_ssl_server_cert_public_key_algorithm, None)
Default Value
""
Remarks
The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_server_cert_public_key_length Property
The length of the certificate's public key (in bits).
Syntax
def get_ssl_server_cert_public_key_length() -> int: ...
ssl_server_cert_public_key_length = property(get_ssl_server_cert_public_key_length, None)
Default Value
0
Remarks
The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.
This property is read-only.
ssl_server_cert_serial_number Property
The serial number of the certificate encoded as a string.
Syntax
def get_ssl_server_cert_serial_number() -> str: ...
ssl_server_cert_serial_number = property(get_ssl_server_cert_serial_number, None)
Default Value
""
Remarks
The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.
This property is read-only.
ssl_server_cert_signature_algorithm Property
The text description of the certificate's signature algorithm.
Syntax
def get_ssl_server_cert_signature_algorithm() -> str: ...
ssl_server_cert_signature_algorithm = property(get_ssl_server_cert_signature_algorithm, None)
Default Value
""
Remarks
The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_server_cert_store Property
The name of the certificate store for the client certificate.
Syntax
def get_ssl_server_cert_store() -> bytes: ...
ssl_server_cert_store = property(get_ssl_server_cert_store, None)
Default Value
"MY"
Remarks
The name of the certificate store for the client certificate.
The ssl_server_cert_store_type property denotes the type of the certificate store specified by ssl_server_cert_store. If the store is password-protected, specify the password in ssl_server_cert_store_password.
ssl_server_cert_store is used in conjunction with the ssl_server_cert_subject property to specify client certificates. If ssl_server_cert_store has a value, and ssl_server_cert_subject or ssl_server_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_server_cert_subject property for details.
Designations of certificate stores are platform dependent.
The following designations are the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).
This property is read-only.
ssl_server_cert_store_password Property
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
def get_ssl_server_cert_store_password() -> str: ...
ssl_server_cert_store_password = property(get_ssl_server_cert_store_password, None)
Default Value
""
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
This property is read-only.
ssl_server_cert_store_type Property
The type of certificate store for this certificate.
Syntax
def get_ssl_server_cert_store_type() -> int: ...
ssl_server_cert_store_type = property(get_ssl_server_cert_store_type, None)
Default Value
0
Remarks
The type of certificate store for this certificate.
The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user.
Note: This store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store.
Note: This store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS#12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates.
Note: This store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format.
Note: This store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS#7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS#7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store).
Note: This store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format.
Note: This store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS#11 interface.
To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to cstPKCS11, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the ssl_server_cert_store and set ssl_server_cert_store_password to the PIN. Code Example. SSH Authentication with Security Key:
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
This property is read-only.
ssl_server_cert_subject_alt_names Property
Comma-separated lists of alternative subject names for the certificate.
Syntax
def get_ssl_server_cert_subject_alt_names() -> str: ...
ssl_server_cert_subject_alt_names = property(get_ssl_server_cert_subject_alt_names, None)
Default Value
""
Remarks
Comma-separated lists of alternative subject names for the certificate.
This property is read-only.
ssl_server_cert_thumbprint_md5 Property
The MD5 hash of the certificate.
Syntax
def get_ssl_server_cert_thumbprint_md5() -> str: ...
ssl_server_cert_thumbprint_md5 = property(get_ssl_server_cert_thumbprint_md5, None)
Default Value
""
Remarks
The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_server_cert_thumbprint_sha1 Property
The SHA-1 hash of the certificate.
Syntax
def get_ssl_server_cert_thumbprint_sha1() -> str: ...
ssl_server_cert_thumbprint_sha1 = property(get_ssl_server_cert_thumbprint_sha1, None)
Default Value
""
Remarks
The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_server_cert_thumbprint_sha256 Property
The SHA-256 hash of the certificate.
Syntax
def get_ssl_server_cert_thumbprint_sha256() -> str: ...
ssl_server_cert_thumbprint_sha256 = property(get_ssl_server_cert_thumbprint_sha256, None)
Default Value
""
Remarks
The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_server_cert_usage Property
The text description of UsageFlags .
Syntax
def get_ssl_server_cert_usage() -> str: ...
ssl_server_cert_usage = property(get_ssl_server_cert_usage, None)
Default Value
""
Remarks
The text description of ssl_server_cert_usage_flags.
This value will be one or more of the following strings and will be separated by commas:
- Digital Signature
- Non-Repudiation
- Key Encipherment
- Data Encipherment
- Key Agreement
- Certificate Signing
- CRL Signing
- Encipher Only
If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.
This property is read-only.
ssl_server_cert_usage_flags Property
The flags that show intended use for the certificate.
Syntax
def get_ssl_server_cert_usage_flags() -> int: ...
ssl_server_cert_usage_flags = property(get_ssl_server_cert_usage_flags, None)
Default Value
0
Remarks
The flags that show intended use for the certificate. The value of ssl_server_cert_usage_flags is a combination of the following flags:
0x80 | Digital Signature |
0x40 | Non-Repudiation |
0x20 | Key Encipherment |
0x10 | Data Encipherment |
0x08 | Key Agreement |
0x04 | Certificate Signing |
0x02 | CRL Signing |
0x01 | Encipher Only |
Please see the ssl_server_cert_usage property for a text representation of ssl_server_cert_usage_flags.
This functionality currently is not available when the provider is OpenSSL.
This property is read-only.
ssl_server_cert_version Property
The certificate's version number.
Syntax
def get_ssl_server_cert_version() -> str: ...
ssl_server_cert_version = property(get_ssl_server_cert_version, None)
Default Value
""
Remarks
The certificate's version number. The possible values are the strings "V1", "V2", and "V3".
This property is read-only.
ssl_server_cert_subject Property
The subject of the certificate used for client authentication.
Syntax
def get_ssl_server_cert_subject() -> str: ...
ssl_server_cert_subject = property(get_ssl_server_cert_subject, None)
Default Value
""
Remarks
The subject of the certificate used for client authentication.
This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:
Field | Meaning |
CN | Common Name. This is commonly a hostname like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
This property is read-only.
ssl_server_cert_encoded Property
The certificate (PEM/Base64 encoded).
Syntax
def get_ssl_server_cert_encoded() -> bytes: ...
ssl_server_cert_encoded = property(get_ssl_server_cert_encoded, None)
Default Value
""
Remarks
The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_server_cert_store and ssl_server_cert_subject properties also may be used to specify a certificate.
When ssl_server_cert_encoded is set, a search is initiated in the current ssl_server_cert_store for the private key of the certificate. If the key is found, ssl_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_server_cert_subject is set to an empty string.
This property is read-only.
ssl_start_mode Property
This property determines how the class starts the Secure Sockets Layer (SSL) negotiation.
Syntax
def get_ssl_start_mode() -> int: ... def set_ssl_start_mode(value: int) -> None: ...
ssl_start_mode = property(get_ssl_start_mode, set_ssl_start_mode)
Default Value
3
Remarks
The ssl_start_mode property may have one of the following values:
0 (sslAutomatic) | If the remote port is set to the standard plaintext port of the protocol (where applicable), the class will behave the same as if ssl_start_mode is set to sslExplicit. In all other cases, SSL negotiation will be implicit (sslImplicit). |
1 (sslImplicit) | The SSL negotiation will start immediately after the connection is established. |
2 (sslExplicit) | The class will first connect in plaintext, and then will explicitly start SSL negotiation through a protocol command such as STARTTLS. |
3 (sslNone - default) | No SSL negotiation; no SSL security. All communication will be in plaintext mode. |
timeout Property
The timeout for the class.
Syntax
def get_timeout() -> int: ... def set_timeout(value: int) -> None: ...
timeout = property(get_timeout, set_timeout)
Default Value
60
Remarks
If the timeout property is set to 0, all operations will run uninterrupted until successful completion or an error condition is encountered.
If timeout is set to a positive value, the class will wait for the operation to complete before returning control.
The class will use do_events to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not freeze and remains responsive.
If timeout expires, and the operation is not yet complete, the class fails with an error.
Note: By default, all timeouts are inactivity timeouts, that is, the timeout period is extended by timeout seconds when any amount of data is successfully sent or received.
The default value for the timeout property is 60 seconds.
user Property
This property includes the user identifier for the mailbox.
Syntax
def get_user() -> str: ... def set_user(value: str) -> None: ...
user = property(get_user, set_user)
Default Value
""
Remarks
This property contains the user identifier for the mailbox. This property must be set before the class connects to the mail_server.
check_message_encrypted Method
This method checks whether or not the current message is encrypted.
Syntax
def check_message_encrypted() -> bool: ...
Remarks
This method is used to check whether or not the current message is encrypted. This method will return True, if the current message appears to be encrypted, according to the value of output_message_headers.
check_message_signed Method
This method checks whether or not the current message is signed.
Syntax
def check_message_signed() -> bool: ...
Remarks
This method is used to check whether or not the current message is signed. This method will return True, if the current message appears to be signed, according to the value of output_message_headers.
Note: A message that is both signed and encrypted will not appear to be signed until after it is decrypted.
config Method
Sets or retrieves a configuration setting.
Syntax
def config(configuration_string: str) -> str: ...
Remarks
config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
connect Method
This method connects to the mail server and attempts to log in.
Syntax
def connect() -> None: ...
Remarks
This method connects to the mail server and attempts to log in using the current user and password. Then it retrieves the initial statistics about the mailbox contents (message_count and query_total_size).
Example. Connect to POP Mailbox:
POPControl.MailServer = "MyPOPServer"
POPControl.User = "username"
POPControl.Password = "password"
POPControl.Connect()
POPControl.MessageNumber = 1
POPControl.Retrieve()
MessageText = POPControl.MessageText
MessageHeaders = POPControl.MessageHeaders
decrypt Method
This method decrypts the current Message .
Syntax
def decrypt() -> None: ...
Remarks
This method attempts to decrypt the encrypted message using the certificate in certificate.
decrypt_and_verify_signature Method
This method decrypts and verifies the signature of the current message.
Syntax
def decrypt_and_verify_signature() -> None: ...
Remarks
This method attempts to both decrypt and verify the signature of the message. All of the properties affected by calling the decrypt and verify_signature methods are affected in the same manner.
Note: This function does not attempt to check the validity of the signing certificate.
delete Method
This method deletes a message specified by MessageNumber on the server.
Syntax
def delete() -> None: ...
Remarks
This method asks the mail_server to delete the message specified by message_number. The message will not actually be deleted from the server until the connection is closed. To cancel a previous Delete, use the reset method.
disconnect Method
This method disconnects from the mail server.
Syntax
def disconnect() -> None: ...
Remarks
This method makes the class disconnect from the mail_server by sending the QUIT command. If successful, all changes to the mailbox are committed by the server. Otherwise, changes are rolled back to the initial state that the server was in before the connection.
do_events Method
This method processes events from the internal message queue.
Syntax
def do_events() -> None: ...
Remarks
When do_events is called, the class processes any available events. If no events are available, it waits for a preset period of time, and then returns.
interrupt Method
This method interrupts the current method.
Syntax
def interrupt() -> None: ...
Remarks
If there is no method in progress, interrupt simply returns, doing nothing.
list_message_sizes Method
This method retrieves a list of all message sizes from the server.
Syntax
def list_message_sizes() -> None: ...
Remarks
This message retrieves a list of all message sizes from the server. For each message listed, a on_message_list event will fire containing the number and size of the message.
list_message_ui_ds Method
This method retrieves a list of all message UIDs from the server.
Syntax
def list_message_ui_ds() -> None: ...
Remarks
This method retrieves a list of all message UIDs from the server. For each message listed, a on_message_list event will fire containing the number and UID of the message.
localize_date Method
This method converts a valid RFC 822 message date to a local date and time.
Syntax
def localize_date(date_time: str) -> str: ...
Remarks
This method can be used to convert an RFC 822 date and time string to the corresponding local date and time.
Note: Dates will be returned in the format: "MM/dd/yyyy hh:mm:ss".
query_message_size Method
This method returns the size in bytes of the current message.
Syntax
def query_message_size() -> int: ...
Remarks
This method queries the server for the size in bytes of the message specified by message_number. The method returns the size (in bytes) of the message.
If the class is not connected, or message_number does not contain a valid message number, the return value is 0. Otherwise, it returns the size of the mail message (including headers) as reported by the server.
The mail_server is asked about the size of the message only if the message_number property has changed. If message_number has not changed, the class returns a cached value.
query_message_uid Method
This method returns the unique identifier (UID) of the message as specified by the server.
Syntax
def query_message_uid() -> str: ...
Remarks
This method returns the unique identifier (UID) of the message specified by message_number. If the class is not connected, or message_number does not contain a valid message number, the return value of this method is an empty string. Otherwise, it returns the UID of the mail message as reported by the server.
The mail_server is asked about the UID of the message only if the message_number property has changed. If message_number has not changed, the class returns a cached value.
query_total_size Method
This method returns the cumulative size in bytes of messages in the mailbox (including headers).
Syntax
def query_total_size() -> int: ...
Remarks
This method returns the cumulative size in bytes of messages in the mailbox (including headers). When the class is not connected to the server, the return value of this method is 0. When connected, it returns the cumulative size of all the messages in the mail box as reported by the POP server.
reset Method
This method resets all changes and revert back to the state when the user first connected.
Syntax
def reset() -> None: ...
Remarks
This method is used to reset all changes and revert back to the state when the user first connected. Asks the mail_server to reset all changes and revert back to the state it was when connected.
retrieve Method
This method retrieves a message specified by MessageNumber from the server.
Syntax
def retrieve() -> None: ...
Remarks
This method is used to retrieve a message specified by message_number from the server. It asks the mail_server to retrieve the message specified by message_number. The message headers will arrive in the on_header event, and the message text will arrive in the on_transfer event.
The max_lines property defines the number of lines retrieved.
Example. Connect and Retrieve Messages:
POPControl.MailServer = "MyPOPServer"
POPControl.User = "username"
POPControl.Password = "password"
POPControl.Connect()
POPControl.MessageNumber = 1
POPControl.Retrieve()
retrieve_headers Method
This method retrieves headers for a message specified by MessageNumber .
Syntax
def retrieve_headers() -> None: ...
Remarks
Calling this method will retrieve the headers for the message specified by the message_number property. The message headers will be provided by the on_header event and also stored in the message_headers property.
Example. Connect and Retrieve Message Headers:
POPControl.MailServer = "MyPOPServer"
POPControl.User = "username"
POPControl.Password = "password"
POPControl.Connect()
POPControl.MessageNumber = 1
POPControl.RetrieveHeaders()
send_command Method
This method sends the exact command directly to the server.
Syntax
def send_command(command: str) -> None: ...
Remarks
This method sends the command specified by Command to the server exactly as it is provided. Use this method to send additional or custom commands directly to the server.
After calling this method, check the last_reply property or monitor the on_pi_trail event to obtain the server's response.
verify_signature Method
This method verifies the signature of the current message.
Syntax
def verify_signature() -> None: ...
Remarks
This method attempts to verify the signature of the input message. If the message does not have a certificate attached, the class will attempt to verify the signature using the certificate supplied in signer_cert (if any). If no certificate is found, the class fails with an error.
If this method is successful, the signer_cert property will contain the certificate information of the message signer.
Note: This function does not attempt to check the validity of the signing certificate.
on_connection_status Event
Fired to indicate changes in the connection state.
Syntax
class SPOPConnectionStatusEventParams(object): @property def connection_event() -> str: ... @property def status_code() -> int: ... @property def description() -> str: ... # In class SPOP: @property def on_connection_status() -> Callable[[SPOPConnectionStatusEventParams], None]: ... @on_connection_status.setter def on_connection_status(event_hook: Callable[[SPOPConnectionStatusEventParams], None]) -> None: ...
Remarks
This event is fired when the connection state changes: for example, completion of a firewall or proxy connection or completion of a security handshake.
The ConnectionEvent parameter indicates the type of connection event. Values may include the following:
Firewall connection complete. | |
Secure Sockets Layer (SSL) or S/Shell handshake complete (where applicable). | |
Remote host connection complete. | |
Remote host disconnected. | |
SSL or S/Shell connection broken. | |
Firewall host disconnected. |
on_end_transfer Event
This event is fired when the message completes transferring.
Syntax
class SPOPEndTransferEventParams(object): @property def direction() -> int: ... # In class SPOP: @property def on_end_transfer() -> Callable[[SPOPEndTransferEventParams], None]: ... @on_end_transfer.setter def on_end_transfer(event_hook: Callable[[SPOPEndTransferEventParams], None]) -> None: ...
Remarks
The on_end_transfer event is fired when the message body completes transferring from the server to the local host.
The Direction parameter shows whether the client (0) or the server (1) is sending the data.
on_error Event
Fired when information is available about errors during data delivery.
Syntax
class SPOPErrorEventParams(object): @property def error_code() -> int: ... @property def description() -> str: ... # In class SPOP: @property def on_error() -> Callable[[SPOPErrorEventParams], None]: ... @on_error.setter def on_error(event_hook: Callable[[SPOPErrorEventParams], None]) -> None: ...
Remarks
The on_error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.
The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.
on_header Event
This event is fired for every message header being retrieved.
Syntax
class SPOPHeaderEventParams(object): @property def field() -> str: ... @property def value() -> str: ... # In class SPOP: @property def on_header() -> Callable[[SPOPHeaderEventParams], None]: ... @on_header.setter def on_header(event_hook: Callable[[SPOPHeaderEventParams], None]) -> None: ...
Remarks
The Field parameter contains the name of the header (in the same case as it is delivered). The Value parameter contains the header contents.
If the header line being retrieved is a continuation header line, then the Field parameter contains "" (empty string).
on_message_list Event
This event is fired for every message listed by ListMessageSizes and/or ListMessageUIDs .
Syntax
class SPOPMessageListEventParams(object): @property def message_number() -> int: ... @property def message_uid() -> str: ... @property def message_size() -> int: ... # In class SPOP: @property def on_message_list() -> Callable[[SPOPMessageListEventParams], None]: ... @on_message_list.setter def on_message_list(event_hook: Callable[[SPOPMessageListEventParams], None]) -> None: ...
Remarks
When list_message_sizes is called, MessageSize is valid, and MessageUID is always an empty string.
When list_message_ui_ds is called, MessageUID is valid, and MessageSize is 0.
on_pi_trail Event
This event traces the commands sent to the mail server, and the respective replies.
Syntax
class SPOPPITrailEventParams(object): @property def direction() -> int: ... @property def message() -> str: ... # In class SPOP: @property def on_pi_trail() -> Callable[[SPOPPITrailEventParams], None]: ... @on_pi_trail.setter def on_pi_trail(event_hook: Callable[[SPOPPITrailEventParams], None]) -> None: ...
Remarks
The on_pi_trail event is useful for debugging purposes. It shows all of the interaction between the client and the server, line by line, except for message header and body transfers.
The Message parameter contains the full text of the message. The Direction parameter shows the originator of the message:
0 (Client) | The Message originates from the client. |
1 (Server) | The Message originates from the server. |
2 (Info) | The Message is an informative message originating from the client software (the class code). |
on_ssl_server_authentication Event
Fired after the server presents its certificate to the client.
Syntax
class SPOPSSLServerAuthenticationEventParams(object): @property def cert_encoded() -> bytes: ... @property def cert_subject() -> str: ... @property def cert_issuer() -> str: ... @property def status() -> str: ... @property def accept() -> bool: ... @accept.setter def accept(value) -> None: ... # In class SPOP: @property def on_ssl_server_authentication() -> Callable[[SPOPSSLServerAuthenticationEventParams], None]: ... @on_ssl_server_authentication.setter def on_ssl_server_authentication(event_hook: Callable[[SPOPSSLServerAuthenticationEventParams], None]) -> None: ...
Remarks
During this event, the client can decide whether or not to continue with the connection process. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether or not to continue.
When Accept is False, Status shows why the verification failed (otherwise, Status contains the string OK). If it is decided to continue, you can override and accept the certificate by setting the Accept parameter to True.
on_ssl_status Event
Fired when secure connection progress messages are available.
Syntax
class SPOPSSLStatusEventParams(object): @property def message() -> str: ... # In class SPOP: @property def on_ssl_status() -> Callable[[SPOPSSLStatusEventParams], None]: ... @on_ssl_status.setter def on_ssl_status(event_hook: Callable[[SPOPSSLStatusEventParams], None]) -> None: ...
Remarks
The event is fired for informational and logging purposes only. This event tracks the progress of the connection.
on_start_transfer Event
This event is fired when the message starts transferring.
Syntax
class SPOPStartTransferEventParams(object): @property def direction() -> int: ... # In class SPOP: @property def on_start_transfer() -> Callable[[SPOPStartTransferEventParams], None]: ... @on_start_transfer.setter def on_start_transfer(event_hook: Callable[[SPOPStartTransferEventParams], None]) -> None: ...
Remarks
The on_start_transfer event is fired when the message body starts transferring from the server to the local host.
The Direction parameter shows whether the client (0) or the server (1) is sending the data.
on_transfer Event
This event is fired when the message is transferred from MailServer .
Syntax
class SPOPTransferEventParams(object): @property def direction() -> int: ... @property def bytes_transferred() -> int: ... @property def percent_done() -> int: ... @property def text() -> bytes: ... @property def eol() -> bool: ... # In class SPOP: @property def on_transfer() -> Callable[[SPOPTransferEventParams], None]: ... @on_transfer.setter def on_transfer(event_hook: Callable[[SPOPTransferEventParams], None]) -> None: ...
Remarks
The Text parameter contains the portion of the message data to be retrieved.
The BytesTransferred parameter contains the number of bytes transferred since the beginning of the message, including header bytes. At the end of transmission (i.e., when the last on_transfer event is fired), BytesTransferred equals the value of the query_message_size method.
The on_transfer event is fired for every line of the message. For complete lines, there is no terminating newline at the end of the Text parameter, and EOL is True. The EOL parameter is False when a line is broken (usually for being too long).
A faster way to retrieve a message is to assign a value to the local_file property and use the on_transfer event to check the progress rather than to get the actual data.
The Direction parameter shows whether the client (0) or the server (1) is sending the data.
The PercentDone parameter shows the progress of the transfer in the corresponding direction. If PercentDone can not be calculated the value will be -1.
Note: Events are not re-entrant. Performing time-consuming operations within this event will prevent it from firing again in a timely manner and may affect overall performance.
Note: For the PercentDone parameter value to be correct, the GetMessageSize configuration setting must be set to True.
SPOP Config Settings
The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.POP Config Settings
TCPClient Config Settings
If the FirewallHost setting is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, the FirewallHost setting is set to the corresponding address. If the search is not successful, an error is returned.
Note: This setting is provided for use by classs that do not directly expose Firewall properties.
Note: This setting is provided for use by classs that do not directly expose Firewall properties.
Note: This configuration setting is provided for use by classs that do not directly expose Firewall properties.
0 | No firewall (default setting). |
1 | Connect through a tunneling proxy. FirewallPort is set to 80. |
2 | Connect through a SOCKS4 Proxy. FirewallPort is set to 1080. |
3 | Connect through a SOCKS5 Proxy. FirewallPort is set to 1080. |
10 | Connect through a SOCKS4A Proxy. FirewallPort is set to 1080. |
Note: This setting is provided for use by classs that do not directly expose Firewall properties.
Note: This setting is provided for use by classs that do not directly expose Firewall properties.
Note: This value is not applicable in macOS.
In the case that Linger is True (default), two scenarios determine how long the connection will linger. In the first, if LingerTime is 0 (default), the system will attempt to send pending data for a connection until the default IP timeout expires.
In the second scenario, if LingerTime is a positive value, the system will attempt to send pending data until the specified LingerTime is reached. If this attempt fails, then the system will reset the connection.
The default behavior (which is also the default mode for stream sockets) might result in a long delay in closing the connection. Although the class returns control immediately, the system could hold system resources until all pending data are sent (even after your application closes).
Setting this property to False forces an immediate disconnection. If you know that the other side has received all the data you sent (e.g., by a client acknowledgment), setting this property to False might be the appropriate course of action.
In multihomed hosts (machines with more than one IP interface), setting LocalHost to the value of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface.
If the class is connected, the local_host setting shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).
Setting this to 0 (default) enables the system to choose a port at random. The chosen port will be shown by local_port after the connection is established.
local_port cannot be changed once a connection is made. Any attempt to set this when a connection is active will generate an error.
This configuration setting is useful when trying to connect to services that require a trusted port on the client side. An example is the remote shell (rsh) service in UNIX systems.
If an eol string is found in the input stream before MaxLineLength bytes are received, the on_data_in event is fired with the EOL parameter set to True, and the buffer is reset.
If no eol is found, and MaxLineLength bytes are accumulated in the buffer, the on_data_in event is fired with the EOL parameter set to False, and the buffer is reset.
The minimum value for MaxLineLength is 256 bytes. The default value is 2048 bytes.
www.google.com;www.nsoftware.com
Note: This value is not applicable in Java.
By default, this configuration setting is set to False.
0 | IPv4 only |
1 | IPv6 only |
2 | IPv6 with IPv4 fallback |
SSL Config Settings
When enabled, SSL packet logs are output using the on_ssl_status event, which will fire each time an SSL packet is sent or received.
Enabling this configuration setting has no effect if ssl_provider is set to Platform.
The path set by this property should point to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must hence be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g., 9d66eef0.0, 9d66eef0.1). OpenSSL recommends the use of the c_rehash utility to create the necessary links. Please refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.
The file set by this property should contain a list of CA certificates in PEM format. The file can contain several CA certificates identified by the following sequences:
-----BEGIN CERTIFICATE-----
... (CA certificate in base64 encoding) ...
-----END CERTIFICATE-----
Before, between, and after the certificate text is allowed, which can be used, for example, for descriptions of the certificates. Refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.
The format of this string is described in the OpenSSL man page ciphers(1) section "CIPHER LIST FORMAT". Please refer to it for details. The default string "DEFAULT" is determined at compile time and is normally equivalent to "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH".
By default, OpenSSL uses the device file "/dev/urandom" to seed the PRNG, and setting OpenSSLPrngSeedData is not required. If set, the string specified is used to seed the PRNG.
If set to True, the class will reuse the context if and only if the following criteria are met:
- The target host name is the same.
- The system cache entry has not expired (default timeout is 10 hours).
- The application process that calls the function is the same.
- The logon session is the same.
- The instance of the class is the same.
The value is formatted as a list of paths separated by semicolons. The class will check for the existence of each file in the order specified. When a file is found, the CA certificates within the file will be loaded and used to determine the validity of server or client certificates.
The default value is as follows:
/etc/ssl/ca-bundle.pem;/etc/pki/tls/certs/ca-bundle.crt;/etc/ssl/certs/ca-certificates.crt;/etc/pki/tls/cacert.pem
-----BEGIN CERTIFICATE----- MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw ... Intermediate Cert ... eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w F0I1XhM+pKj7FjDr+XNj -----END CERTIFICATE----- \r \n -----BEGIN CERTIFICATE----- MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp ... Root Cert ... d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA -----END CERTIFICATE-----
When set to 0 (default), the CRL check will not be performed by the class. When set to 1, it will attempt to perform the CRL check, but it will continue without an error if the server's certificate does not support CRL. When set to 2, it will perform the CRL check and will throw an error if CRL is not supported.
This configuration setting is supported only in the Java, C#, and C++ editions. In the C++ edition, it is supported only on Windows operating systems.
When set to 0 (default), the class will not perform an OCSP check. When set to 1, it will attempt to perform the OCSP check, but it will continue without an error if the server's certificate does not support OCSP. When set to 2, it will perform the OCSP check and will throw an error if OCSP is not supported.
This configuration setting is supported only in the Java, C#, and C++ editions. In the C++ edition, it is supported only on Windows operating systems.
Note: This configuration setting contains the minimum cipher strength requested from the security library. The actual cipher strength used for the connection is shown by the on_ssl_status event.
Use this configuration setting with caution. Requesting a lower cipher strength than necessary could potentially cause serious security vulnerabilities in your application.
When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the OpenSSLCipherList configuration setting.
The value of this configuration setting is a newline-separated (CR/LF) list of certificates. For instance:
-----BEGIN CERTIFICATE----- MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw ... Intermediate Cert ... eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w F0I1XhM+pKj7FjDr+XNj -----END CERTIFICATE----- \r \n -----BEGIN CERTIFICATE----- MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp ... Root Cert ... d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA -----END CERTIFICATE-----
By default, the enabled cipher suites will include all available ciphers ("*").
The special value "*" means that the class will pick all of the supported cipher suites. If SSLEnabledCipherSuites is set to any other value, only the specified cipher suites will be considered.
Multiple cipher suites are separated by semicolons.
Example values when ssl_provider is set to Platform include the following:
obj.config("SSLEnabledCipherSuites=*");
obj.config("SSLEnabledCipherSuites=CALG_AES_256");
obj.config("SSLEnabledCipherSuites=CALG_AES_256;CALG_3DES");
Possible values when ssl_provider is set to Platform include the following:
- CALG_3DES
- CALG_3DES_112
- CALG_AES
- CALG_AES_128
- CALG_AES_192
- CALG_AES_256
- CALG_AGREEDKEY_ANY
- CALG_CYLINK_MEK
- CALG_DES
- CALG_DESX
- CALG_DH_EPHEM
- CALG_DH_SF
- CALG_DSS_SIGN
- CALG_ECDH
- CALG_ECDH_EPHEM
- CALG_ECDSA
- CALG_ECMQV
- CALG_HASH_REPLACE_OWF
- CALG_HUGHES_MD5
- CALG_HMAC
- CALG_KEA_KEYX
- CALG_MAC
- CALG_MD2
- CALG_MD4
- CALG_MD5
- CALG_NO_SIGN
- CALG_OID_INFO_CNG_ONLY
- CALG_OID_INFO_PARAMETERS
- CALG_PCT1_MASTER
- CALG_RC2
- CALG_RC4
- CALG_RC5
- CALG_RSA_KEYX
- CALG_RSA_SIGN
- CALG_SCHANNEL_ENC_KEY
- CALG_SCHANNEL_MAC_KEY
- CALG_SCHANNEL_MASTER_HASH
- CALG_SEAL
- CALG_SHA
- CALG_SHA1
- CALG_SHA_256
- CALG_SHA_384
- CALG_SHA_512
- CALG_SKIPJACK
- CALG_SSL2_MASTER
- CALG_SSL3_MASTER
- CALG_SSL3_SHAMD5
- CALG_TEK
- CALG_TLS1_MASTER
- CALG_TLS1PRF
obj.config("SSLEnabledCipherSuites=*");
obj.config("SSLEnabledCipherSuites=TLS_DHE_DSS_WITH_AES_128_CBC_SHA");
obj.config("SSLEnabledCipherSuites=TLS_DHE_DSS_WITH_AES_128_CBC_SHA;TLS_ECDH_RSA_WITH_AES_128_CBC_SHA");
Possible values when ssl_provider is set to Internal include the following:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_AES_256_GCM_SHA384
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_DES_CBC_SHA
- TLS_DHE_RSA_WITH_DES_CBC_SHA
- TLS_DHE_DSS_WITH_DES_CBC_SHA
- TLS_RSA_WITH_RC4_128_MD5
- TLS_RSA_WITH_RC4_128_SHA
When TLS 1.3 is negotiated (see SSLEnabledProtocols), only the following cipher suites are supported:
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_128_GCM_SHA256
SSLEnabledCipherSuites is used together with SSLCipherStrength.
Not all supported protocols are enabled by default. The default value is 4032 for client components, and 3072 for server components. To specify a combination of enabled protocol versions set this config to the binary OR of one or more of the following values:
TLS1.3 | 12288 (Hex 3000) |
TLS1.2 | 3072 (Hex C00) (Default - Client and Server) |
TLS1.1 | 768 (Hex 300) (Default - Client) |
TLS1 | 192 (Hex C0) (Default - Client) |
SSL3 | 48 (Hex 30) |
SSL2 | 12 (Hex 0C) |
Note that only TLS 1.2 is enabled for server components that accept incoming connections. This adheres to industry standards to ensure a secure connection. Client components enable TLS 1.0, TLS 1.1, and TLS 1.2 by default and will negotiate the highest mutually supported version when connecting to a server, which should be TLS 1.2 in most cases.
SSLEnabledProtocols: Transport Layer Security (TLS) 1.3 Notes:
By default when TLS 1.3 is enabled, the class will use the internal TLS implementation when the ssl_provider is set to Automatic for all editions.
In editions that are designed to run on Windows, ssl_provider can be set to Platform to use the platform implementation instead of the internal implementation. When configured in this manner, please note that the platform provider is supported only on Windows 11/Windows Server 2022 and up. The default internal provider is available on all platforms and is not restricted to any specific OS version.
If set to 1 (Platform provider), please be aware of the following notes:
- The platform provider is available only on Windows 11/Windows Server 2022 and up.
- SSLEnabledCipherSuites and other similar SSL configuration settings are not supported.
- If SSLEnabledProtocols includes both TLS 1.3 and TLS 1.2, these restrictions are still applicable even if TLS 1.2 is negotiated. Enabling TLS 1.3 with the platform provider changes the implementation used for all TLS versions.
SSLEnabledProtocols: SSL2 and SSL3 Notes:
SSL 2.0 and 3.0 are not supported by the class when the ssl_provider is set to internal. To use SSL 2.0 or SSL 3.0, the platform security API must have the protocols enabled and ssl_provider needs to be set to platform.
This configuration setting is applicable only when ssl_provider is set to Internal.
If set to True, all certificates returned by the server will be present in the Encoded parameter of the on_ssl_server_authentication event. This includes the leaf certificate, any intermediate certificate, and the root certificate.
When set, the class will save the session secrets in the same format as the SSLKEYLOGFILE environment variable functionality used by most major browsers and tools, such as Chrome, Firefox, and cURL. This file can then be used in tools such as Wireshark to decrypt TLS traffic for debugging purposes. When writing to this file, the class will only append, it will not overwrite previous values.
Note: This configuration setting is applicable only when ssl_provider is set to Internal.
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedCipher[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedCipherStrength[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedCipherSuite[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedKeyExchange[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedKeyExchangeStrength[connId]");
Note: For server components (e.g., TCPServer), this is a per-connection configuration setting accessed by passing the ConnectionId. For example:
server.Config("SSLNegotiatedVersion[connId]");
0x00000001 | Ignore time validity status of certificate. |
0x00000002 | Ignore time validity status of CTL. |
0x00000004 | Ignore non-nested certificate times. |
0x00000010 | Allow unknown certificate authority. |
0x00000020 | Ignore wrong certificate usage. |
0x00000100 | Ignore unknown certificate revocation status. |
0x00000200 | Ignore unknown CTL signer revocation status. |
0x00000400 | Ignore unknown certificate authority revocation status. |
0x00000800 | Ignore unknown root revocation status. |
0x00008000 | Allow test root certificate. |
0x00004000 | Trust test root certificate. |
0x80000000 | Ignore non-matching CN (certificate CN non-matching server name). |
This functionality is currently not available when the provider is OpenSSL.
The value of this configuration setting is a newline-separated (CR/LF) list of certificates. For instance:
-----BEGIN CERTIFICATE----- MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw ... Intermediate Cert... eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w F0I1XhM+pKj7FjDr+XNj -----END CERTIFICATE----- \r \n -----BEGIN CERTIFICATE----- MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp ... Root Cert... d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA -----END CERTIFICATE-----
When specified the class will verify that the server certificate signature algorithm is among the values specified in this configuration setting. If the server certificate signature algorithm is unsupported, the class fails with an error.
The format of this value is a comma-separated list of hash-signature combinations. For instance:
component.SSLProvider = TCPClientSSLProviders.sslpInternal;
component.Config("SSLEnabledProtocols=3072"); //TLS 1.2
component.Config("TLS12SignatureAlgorithms=sha256-rsa,sha256-dsa,sha1-rsa,sha1-dsa");
The default value for this configuration setting is sha512-ecdsa,sha512-rsa,sha512-dsa,sha384-ecdsa,sha384-rsa,sha384-dsa,sha256-ecdsa,sha256-rsa,sha256-dsa,sha224-ecdsa,sha224-rsa,sha224-dsa,sha1-ecdsa,sha1-rsa,sha1-dsa.
To not restrict the server's certificate signature algorithm, specify an empty string as the value for this configuration setting, which will cause the signature_algorithms TLS 1.2 extension to not be sent.
The default value is ecdhe_secp256r1,ecdhe_secp384r1,ecdhe_secp521r1.
When using TLS 1.2 and ssl_provider is set to Internal, the values refer to the supported groups for ECC. The following values are supported:
- "ecdhe_secp256r1" (default)
- "ecdhe_secp384r1" (default)
- "ecdhe_secp521r1" (default)
The default value is set to balance common supported groups and the computational resources required to generate key shares. As a result, only some groups are included by default in this configuration setting.
Note: All supported groups can always be used during the handshake even if not listed here, but if a group is used that is not present in this list, it will incur an additional roundtrip and time to generate the key share for that group.
In most cases, this configuration setting does not need to be modified. This should be modified only if there is a specific reason to do so.
The default value is ecdhe_x25519,ecdhe_secp256r1,ecdhe_secp384r1,ffdhe_2048,ffdhe_3072
The values are ordered from most preferred to least preferred. The following values are supported:
- "ecdhe_x25519" (default)
- "ecdhe_x448"
- "ecdhe_secp256r1" (default)
- "ecdhe_secp384r1" (default)
- "ecdhe_secp521r1"
- "ffdhe_2048" (default)
- "ffdhe_3072" (default)
- "ffdhe_4096"
- "ffdhe_6144"
- "ffdhe_8192"
- "ed25519" (default)
- "ed448" (default)
- "ecdsa_secp256r1_sha256" (default)
- "ecdsa_secp384r1_sha384" (default)
- "ecdsa_secp521r1_sha512" (default)
- "rsa_pkcs1_sha256" (default)
- "rsa_pkcs1_sha384" (default)
- "rsa_pkcs1_sha512" (default)
- "rsa_pss_sha256" (default)
- "rsa_pss_sha384" (default)
- "rsa_pss_sha512" (default)
The default value is ecdhe_x25519,ecdhe_x448,ecdhe_secp256r1,ecdhe_secp384r1,ecdhe_secp521r1,ffdhe_2048,ffdhe_3072,ffdhe_4096,ffdhe_6144,ffdhe_8192
The values are ordered from most preferred to least preferred. The following values are supported:
- "ecdhe_x25519" (default)
- "ecdhe_x448" (default)
- "ecdhe_secp256r1" (default)
- "ecdhe_secp384r1" (default)
- "ecdhe_secp521r1" (default)
- "ffdhe_2048" (default)
- "ffdhe_3072" (default)
- "ffdhe_4096" (default)
- "ffdhe_6144" (default)
- "ffdhe_8192" (default)
Socket Config Settings
Note: This option is not valid for User Datagram Protocol (UDP) ports.
Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the InBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.
Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the OutBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.
Base Config Settings
The following is a list of valid code page identifiers:
Identifier | Name |
037 | IBM EBCDIC - U.S./Canada |
437 | OEM - United States |
500 | IBM EBCDIC - International |
708 | Arabic - ASMO 708 |
709 | Arabic - ASMO 449+, BCON V4 |
710 | Arabic - Transparent Arabic |
720 | Arabic - Transparent ASMO |
737 | OEM - Greek (formerly 437G) |
775 | OEM - Baltic |
850 | OEM - Multilingual Latin I |
852 | OEM - Latin II |
855 | OEM - Cyrillic (primarily Russian) |
857 | OEM - Turkish |
858 | OEM - Multilingual Latin I + Euro symbol |
860 | OEM - Portuguese |
861 | OEM - Icelandic |
862 | OEM - Hebrew |
863 | OEM - Canadian-French |
864 | OEM - Arabic |
865 | OEM - Nordic |
866 | OEM - Russian |
869 | OEM - Modern Greek |
870 | IBM EBCDIC - Multilingual/ROECE (Latin-2) |
874 | ANSI/OEM - Thai (same as 28605, ISO 8859-15) |
875 | IBM EBCDIC - Modern Greek |
932 | ANSI/OEM - Japanese, Shift-JIS |
936 | ANSI/OEM - Simplified Chinese (PRC, Singapore) |
949 | ANSI/OEM - Korean (Unified Hangul Code) |
950 | ANSI/OEM - Traditional Chinese (Taiwan; Hong Kong SAR, PRC) |
1026 | IBM EBCDIC - Turkish (Latin-5) |
1047 | IBM EBCDIC - Latin 1/Open System |
1140 | IBM EBCDIC - U.S./Canada (037 + Euro symbol) |
1141 | IBM EBCDIC - Germany (20273 + Euro symbol) |
1142 | IBM EBCDIC - Denmark/Norway (20277 + Euro symbol) |
1143 | IBM EBCDIC - Finland/Sweden (20278 + Euro symbol) |
1144 | IBM EBCDIC - Italy (20280 + Euro symbol) |
1145 | IBM EBCDIC - Latin America/Spain (20284 + Euro symbol) |
1146 | IBM EBCDIC - United Kingdom (20285 + Euro symbol) |
1147 | IBM EBCDIC - France (20297 + Euro symbol) |
1148 | IBM EBCDIC - International (500 + Euro symbol) |
1149 | IBM EBCDIC - Icelandic (20871 + Euro symbol) |
1200 | Unicode UCS-2 Little-Endian (BMP of ISO 10646) |
1201 | Unicode UCS-2 Big-Endian |
1250 | ANSI - Central European |
1251 | ANSI - Cyrillic |
1252 | ANSI - Latin I |
1253 | ANSI - Greek |
1254 | ANSI - Turkish |
1255 | ANSI - Hebrew |
1256 | ANSI - Arabic |
1257 | ANSI - Baltic |
1258 | ANSI/OEM - Vietnamese |
1361 | Korean (Johab) |
10000 | MAC - Roman |
10001 | MAC - Japanese |
10002 | MAC - Traditional Chinese (Big5) |
10003 | MAC - Korean |
10004 | MAC - Arabic |
10005 | MAC - Hebrew |
10006 | MAC - Greek I |
10007 | MAC - Cyrillic |
10008 | MAC - Simplified Chinese (GB 2312) |
10010 | MAC - Romania |
10017 | MAC - Ukraine |
10021 | MAC - Thai |
10029 | MAC - Latin II |
10079 | MAC - Icelandic |
10081 | MAC - Turkish |
10082 | MAC - Croatia |
12000 | Unicode UCS-4 Little-Endian |
12001 | Unicode UCS-4 Big-Endian |
20000 | CNS - Taiwan |
20001 | TCA - Taiwan |
20002 | Eten - Taiwan |
20003 | IBM5550 - Taiwan |
20004 | TeleText - Taiwan |
20005 | Wang - Taiwan |
20105 | IA5 IRV International Alphabet No. 5 (7-bit) |
20106 | IA5 German (7-bit) |
20107 | IA5 Swedish (7-bit) |
20108 | IA5 Norwegian (7-bit) |
20127 | US-ASCII (7-bit) |
20261 | T.61 |
20269 | ISO 6937 Non-Spacing Accent |
20273 | IBM EBCDIC - Germany |
20277 | IBM EBCDIC - Denmark/Norway |
20278 | IBM EBCDIC - Finland/Sweden |
20280 | IBM EBCDIC - Italy |
20284 | IBM EBCDIC - Latin America/Spain |
20285 | IBM EBCDIC - United Kingdom |
20290 | IBM EBCDIC - Japanese Katakana Extended |
20297 | IBM EBCDIC - France |
20420 | IBM EBCDIC - Arabic |
20423 | IBM EBCDIC - Greek |
20424 | IBM EBCDIC - Hebrew |
20833 | IBM EBCDIC - Korean Extended |
20838 | IBM EBCDIC - Thai |
20866 | Russian - KOI8-R |
20871 | IBM EBCDIC - Icelandic |
20880 | IBM EBCDIC - Cyrillic (Russian) |
20905 | IBM EBCDIC - Turkish |
20924 | IBM EBCDIC - Latin-1/Open System (1047 + Euro symbol) |
20932 | JIS X 0208-1990 & 0121-1990 |
20936 | Simplified Chinese (GB2312) |
21025 | IBM EBCDIC - Cyrillic (Serbian, Bulgarian) |
21027 | Extended Alpha Lowercase |
21866 | Ukrainian (KOI8-U) |
28591 | ISO 8859-1 Latin I |
28592 | ISO 8859-2 Central Europe |
28593 | ISO 8859-3 Latin 3 |
28594 | ISO 8859-4 Baltic |
28595 | ISO 8859-5 Cyrillic |
28596 | ISO 8859-6 Arabic |
28597 | ISO 8859-7 Greek |
28598 | ISO 8859-8 Hebrew |
28599 | ISO 8859-9 Latin 5 |
28605 | ISO 8859-15 Latin 9 |
29001 | Europa 3 |
38598 | ISO 8859-8 Hebrew |
50220 | ISO 2022 Japanese with no halfwidth Katakana |
50221 | ISO 2022 Japanese with halfwidth Katakana |
50222 | ISO 2022 Japanese JIS X 0201-1989 |
50225 | ISO 2022 Korean |
50227 | ISO 2022 Simplified Chinese |
50229 | ISO 2022 Traditional Chinese |
50930 | Japanese (Katakana) Extended |
50931 | US/Canada and Japanese |
50933 | Korean Extended and Korean |
50935 | Simplified Chinese Extended and Simplified Chinese |
50936 | Simplified Chinese |
50937 | US/Canada and Traditional Chinese |
50939 | Japanese (Latin) Extended and Japanese |
51932 | EUC - Japanese |
51936 | EUC - Simplified Chinese |
51949 | EUC - Korean |
51950 | EUC - Traditional Chinese |
52936 | HZ-GB2312 Simplified Chinese |
54936 | Windows XP: GB18030 Simplified Chinese (4 Byte) |
57002 | ISCII Devanagari |
57003 | ISCII Bengali |
57004 | ISCII Tamil |
57005 | ISCII Telugu |
57006 | ISCII Assamese |
57007 | ISCII Oriya |
57008 | ISCII Kannada |
57009 | ISCII Malayalam |
57010 | ISCII Gujarati |
57011 | ISCII Punjabi |
65000 | Unicode UTF-7 |
65001 | Unicode UTF-8 |
Identifier | Name |
1 | ASCII |
2 | NEXTSTEP |
3 | JapaneseEUC |
4 | UTF8 |
5 | ISOLatin1 |
6 | Symbol |
7 | NonLossyASCII |
8 | ShiftJIS |
9 | ISOLatin2 |
10 | Unicode |
11 | WindowsCP1251 |
12 | WindowsCP1252 |
13 | WindowsCP1253 |
14 | WindowsCP1254 |
15 | WindowsCP1250 |
21 | ISO2022JP |
30 | MacOSRoman |
10 | UTF16String |
0x90000100 | UTF16BigEndian |
0x94000100 | UTF16LittleEndian |
0x8c000100 | UTF32String |
0x98000100 | UTF32BigEndian |
0x9c000100 | UTF32LittleEndian |
65536 | Proprietary |
- Product: The product the license is for.
- Product Key: The key the license was generated from.
- License Source: Where the license was found (e.g., RuntimeLicense, License File).
- License Type: The type of license installed (e.g., Royalty Free, Single Server).
- Last Valid Build: The last valid build number for which the license will work.
This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.
Setting this configuration setting to True tells the class to use the internal implementation instead of using the system security libraries.
On Windows, this setting is set to False by default. On Linux/macOS, this setting is set to True by default.
To use the system security libraries for Linux, OpenSSL support must be enabled. For more information on how to enable OpenSSL, please refer to the OpenSSL Notes section.
SPOP Errors
POP Errors
116 | mail_port cannot be zero. Please specify a valid service port number. |
118 | Firewall error. Error message contains detailed description. |
171 | POP protocol error. Description contains the server reply. |
172 | Error communicating with server. Error text is attached. |
173 | Please specify a valid mail_server. |
174 | Busy executing current method. |
The class may also return one of the following error codes, which are inherited from other classes.
TCPClient Errors
100 | You cannot change the remote_port at this time. A connection is in progress. |
101 | You cannot change the remote_host (Server) at this time. A connection is in progress. |
102 | The remote_host address is invalid (0.0.0.0). |
104 | Already connected. If you want to reconnect, close the current connection first. |
106 | You cannot change the local_port at this time. A connection is in progress. |
107 | You cannot change the local_host at this time. A connection is in progress. |
112 | You cannot change MaxLineLength at this time. A connection is in progress. |
116 | remote_port cannot be zero. Please specify a valid service port number. |
117 | You cannot change the UseConnection option while the class is active. |
135 | Operation would block. |
201 | Timeout. |
211 | Action impossible in control's present state. |
212 | Action impossible while not connected. |
213 | Action impossible while listening. |
301 | Timeout. |
302 | Could not open file. |
434 | Unable to convert string to selected CodePage. |
1105 | Already connecting. If you want to reconnect, close the current connection first. |
1117 | You need to connect first. |
1119 | You cannot change the LocalHost at this time. A connection is in progress. |
1120 | Connection dropped by remote host. |
SSL Errors
270 | Cannot load specified security library. |
271 | Cannot open certificate store. |
272 | Cannot find specified certificate. |
273 | Cannot acquire security credentials. |
274 | Cannot find certificate chain. |
275 | Cannot verify certificate chain. |
276 | Error during handshake. |
280 | Error verifying certificate. |
281 | Could not find client certificate. |
282 | Could not find server certificate. |
283 | Error encrypting data. |
284 | Error decrypting data. |
TCP/IP Errors
10004 | [10004] Interrupted system call. |
10009 | [10009] Bad file number. |
10013 | [10013] Access denied. |
10014 | [10014] Bad address. |
10022 | [10022] Invalid argument. |
10024 | [10024] Too many open files. |
10035 | [10035] Operation would block. |
10036 | [10036] Operation now in progress. |
10037 | [10037] Operation already in progress. |
10038 | [10038] Socket operation on nonsocket. |
10039 | [10039] Destination address required. |
10040 | [10040] Message is too long. |
10041 | [10041] Protocol wrong type for socket. |
10042 | [10042] Bad protocol option. |
10043 | [10043] Protocol is not supported. |
10044 | [10044] Socket type is not supported. |
10045 | [10045] Operation is not supported on socket. |
10046 | [10046] Protocol family is not supported. |
10047 | [10047] Address family is not supported by protocol family. |
10048 | [10048] Address already in use. |
10049 | [10049] Cannot assign requested address. |
10050 | [10050] Network is down. |
10051 | [10051] Network is unreachable. |
10052 | [10052] Net dropped connection or reset. |
10053 | [10053] Software caused connection abort. |
10054 | [10054] Connection reset by peer. |
10055 | [10055] No buffer space available. |
10056 | [10056] Socket is already connected. |
10057 | [10057] Socket is not connected. |
10058 | [10058] Cannot send after socket shutdown. |
10059 | [10059] Too many references, cannot splice. |
10060 | [10060] Connection timed out. |
10061 | [10061] Connection refused. |
10062 | [10062] Too many levels of symbolic links. |
10063 | [10063] File name is too long. |
10064 | [10064] Host is down. |
10065 | [10065] No route to host. |
10066 | [10066] Directory is not empty |
10067 | [10067] Too many processes. |
10068 | [10068] Too many users. |
10069 | [10069] Disc Quota Exceeded. |
10070 | [10070] Stale NFS file handle. |
10071 | [10071] Too many levels of remote in path. |
10091 | [10091] Network subsystem is unavailable. |
10092 | [10092] WINSOCK DLL Version out of range. |
10093 | [10093] Winsock is not loaded yet. |
11001 | [11001] Host not found. |
11002 | [11002] Nonauthoritative 'Host not found' (try again or check DNS setup). |
11003 | [11003] Nonrecoverable errors: FORMERR, REFUSED, NOTIMP. |
11004 | [11004] Valid name, no data record (check DNS setup). |