SNMPAgent Class
Properties Methods Events Config Settings Errors
The SNMPAgent class is used to implement UDP-based SNMP Agent Applications.
Syntax
class ipworkssnmp.SNMPAgent
Remarks
The SNMPAgent class implements a UDP-based standard SNMP Agent as specified in the SNMP RFCs. The class supports SNMP v1, v2c, and v3.
SNMP over DTLS is also supported when ssl_enabled is set to True. When acting as a client, the on_ssl_server_authentication event allows you to check the server identity and other security attributes. The on_ssl_status event provides information about the DTLS handshake. Additional SSL-related settings are also supported through the config method. When acting as a server, the SSLCert properties are used to select a certificate for the server. When client authentication is required, the ssl_authenticate_clients property can be set to True and the on_ssl_client_authentication event can be used to examine client credentials.
The class provides both encoding/decoding and transport capabilities, making the task of developing a custom SNMP agent as simple as setting a few key properties and handling a few events. SNMP data such as SNMP object id-s (OID-s) are exchanged as text strings, thus further simplifying the task of handling them.
The class is activated/deactivated by calling the activate or deactivate method. These methods enable or disable sending and receiving. The activation status can be found in the active property.
The class operates asynchronously. Requests are received through events such as on_get_request, on_get_bulk_request, on_get_next_request, etc. and the corresponding responses are automatically sent when the events return. Traps are sent through the send_trap method.
SNMPv3 USM security passwords are requested through the on_get_user_password event, and event parameters such as User and SecurityLevel provide information about the security attributes of received requests, and enable granular decision capability about what to provide and what not to provide. The send_secure_trap method is used to send authenticated (secure) SNMPv3 traps.
The add_user, remove_user, show_cache, and clear_cache methods are used to manage an internal authentication cache. This internal cache can be used as an alternative to the on_get_user_password event, automatically checking the cache against the security parameters provided in the request signature.
SNMP OIDs, types, and values are provided in the objects collection of SNMP objects for both sent and received packets.
Other packet information is provided through corresponding event parameters, such as Community, or RequestId.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
accept_data | Enables or disables data reception. |
active | Indicates whether the class is active. |
local_engine_id | The Engine Id of the SNMP Agent. |
local_host | The name of the local host or user-assigned IP interface through which connections are initiated or accepted. |
local_port | The port in the local host where the class listens. |
obj_count | The number of records in the Obj arrays. |
obj_type | The current object's type. |
obj_id | The current object's id which is encoded as a string of numbers separated by periods. |
obj_type_string | A string representation of the current object's ObjectType . |
obj_value | The current object's value. |
request_id | The request-id to mark outgoing packets with. |
snmp_version | Version of SNMP used for outgoing requests (traps). |
ssl_accept_server_cert_effective_date | The date on which this certificate becomes valid. |
ssl_accept_server_cert_expiration_date | The date on which the certificate expires. |
ssl_accept_server_cert_extended_key_usage | A comma-delimited list of extended key usage identifiers. |
ssl_accept_server_cert_fingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
ssl_accept_server_cert_fingerprint_sha1 | The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. |
ssl_accept_server_cert_fingerprint_sha256 | The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. |
ssl_accept_server_cert_issuer | The issuer of the certificate. |
ssl_accept_server_cert_private_key | The private key of the certificate (if available). |
ssl_accept_server_cert_private_key_available | Whether a PrivateKey is available for the selected certificate. |
ssl_accept_server_cert_private_key_container | The name of the PrivateKey container for the certificate (if available). |
ssl_accept_server_cert_public_key | The public key of the certificate. |
ssl_accept_server_cert_public_key_algorithm | The textual description of the certificate's public key algorithm. |
ssl_accept_server_cert_public_key_length | The length of the certificate's public key (in bits). |
ssl_accept_server_cert_serial_number | The serial number of the certificate encoded as a string. |
ssl_accept_server_cert_signature_algorithm | The text description of the certificate's signature algorithm. |
ssl_accept_server_cert_store | The name of the certificate store for the client certificate. |
ssl_accept_server_cert_store_password | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
ssl_accept_server_cert_store_type | The type of certificate store for this certificate. |
ssl_accept_server_cert_subject_alt_names | Comma-separated lists of alternative subject names for the certificate. |
ssl_accept_server_cert_thumbprint_md5 | The MD5 hash of the certificate. |
ssl_accept_server_cert_thumbprint_sha1 | The SHA-1 hash of the certificate. |
ssl_accept_server_cert_thumbprint_sha256 | The SHA-256 hash of the certificate. |
ssl_accept_server_cert_usage | The text description of UsageFlags . |
ssl_accept_server_cert_usage_flags | The flags that show intended use for the certificate. |
ssl_accept_server_cert_version | The certificate's version number. |
ssl_accept_server_cert_subject | The subject of the certificate used for client authentication. |
ssl_accept_server_cert_encoded | The certificate (PEM/Base64 encoded). |
ssl_authenticate_clients | If set to True, the server asks the client(s) for a certificate. |
ssl_cert_effective_date | The date on which this certificate becomes valid. |
ssl_cert_expiration_date | The date on which the certificate expires. |
ssl_cert_extended_key_usage | A comma-delimited list of extended key usage identifiers. |
ssl_cert_fingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
ssl_cert_fingerprint_sha1 | The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. |
ssl_cert_fingerprint_sha256 | The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. |
ssl_cert_issuer | The issuer of the certificate. |
ssl_cert_private_key | The private key of the certificate (if available). |
ssl_cert_private_key_available | Whether a PrivateKey is available for the selected certificate. |
ssl_cert_private_key_container | The name of the PrivateKey container for the certificate (if available). |
ssl_cert_public_key | The public key of the certificate. |
ssl_cert_public_key_algorithm | The textual description of the certificate's public key algorithm. |
ssl_cert_public_key_length | The length of the certificate's public key (in bits). |
ssl_cert_serial_number | The serial number of the certificate encoded as a string. |
ssl_cert_signature_algorithm | The text description of the certificate's signature algorithm. |
ssl_cert_store | The name of the certificate store for the client certificate. |
ssl_cert_store_password | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
ssl_cert_store_type | The type of certificate store for this certificate. |
ssl_cert_subject_alt_names | Comma-separated lists of alternative subject names for the certificate. |
ssl_cert_thumbprint_md5 | The MD5 hash of the certificate. |
ssl_cert_thumbprint_sha1 | The SHA-1 hash of the certificate. |
ssl_cert_thumbprint_sha256 | The SHA-256 hash of the certificate. |
ssl_cert_usage | The text description of UsageFlags . |
ssl_cert_usage_flags | The flags that show intended use for the certificate. |
ssl_cert_version | The certificate's version number. |
ssl_cert_subject | The subject of the certificate used for client authentication. |
ssl_cert_encoded | The certificate (PEM/Base64 encoded). |
ssl_enabled | Whether DTLS is enabled. |
ssl_server_cert_effective_date | The date on which this certificate becomes valid. |
ssl_server_cert_expiration_date | The date on which the certificate expires. |
ssl_server_cert_extended_key_usage | A comma-delimited list of extended key usage identifiers. |
ssl_server_cert_fingerprint | The hex-encoded, 16-byte MD5 fingerprint of the certificate. |
ssl_server_cert_fingerprint_sha1 | The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. |
ssl_server_cert_fingerprint_sha256 | The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. |
ssl_server_cert_issuer | The issuer of the certificate. |
ssl_server_cert_private_key | The private key of the certificate (if available). |
ssl_server_cert_private_key_available | Whether a PrivateKey is available for the selected certificate. |
ssl_server_cert_private_key_container | The name of the PrivateKey container for the certificate (if available). |
ssl_server_cert_public_key | The public key of the certificate. |
ssl_server_cert_public_key_algorithm | The textual description of the certificate's public key algorithm. |
ssl_server_cert_public_key_length | The length of the certificate's public key (in bits). |
ssl_server_cert_serial_number | The serial number of the certificate encoded as a string. |
ssl_server_cert_signature_algorithm | The text description of the certificate's signature algorithm. |
ssl_server_cert_store | The name of the certificate store for the client certificate. |
ssl_server_cert_store_password | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
ssl_server_cert_store_type | The type of certificate store for this certificate. |
ssl_server_cert_subject_alt_names | Comma-separated lists of alternative subject names for the certificate. |
ssl_server_cert_thumbprint_md5 | The MD5 hash of the certificate. |
ssl_server_cert_thumbprint_sha1 | The SHA-1 hash of the certificate. |
ssl_server_cert_thumbprint_sha256 | The SHA-256 hash of the certificate. |
ssl_server_cert_usage | The text description of UsageFlags . |
ssl_server_cert_usage_flags | The flags that show intended use for the certificate. |
ssl_server_cert_version | The certificate's version number. |
ssl_server_cert_subject | The subject of the certificate used for client authentication. |
ssl_server_cert_encoded | The certificate (PEM/Base64 encoded). |
sys_up_time | Time passed since the agent was initialized (in hundredths of a second). |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
activate | Activates the class. |
add_user | Adds a user to the internal authentication cache. |
clear_cache | Clears the internal authentication database. |
config | Sets or retrieves a configuration setting. |
deactivate | Deactivates the class. |
do_events | This method processes events from the internal message queue. |
hash_passwords | Hashes all passwords in the cache. |
remove_user | Removes the user specified by User from the internal authentication cache. |
reset | Clears the object arrays. |
send_response | Sends a response packet to a Get, Get-Next, Get-Bulk, or Set request. |
send_secure_response | Sends an authenticated and/or encrypted SNMPv3 response. |
send_secure_trap | Sends an authenticated and/or encrypted SNMPv3 trap. |
send_trap | Sends an SNMP Trap. |
show_cache | Lists all entries in the internal user authentication cache. |
value | Returns the value corresponding to an OID. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
on_bad_packet | Fired for erroneous and/or malformed messages. |
on_cache_entry | Shows in the internal cache. |
on_connected | Fired immediately after a connection completes (or fails). |
on_disconnected | Fired when a connection is closed. |
on_discovery_request | Fired when an SNMPv3 discovery packet is received. |
on_error | Fired when information is available about errors during data delivery. |
on_get_bulk_request | Fired when a GetBulkRequest packet is received. |
on_get_next_request | Fired when a GetNextRequest packet is received. |
on_get_request | Fired when a GetRequest packet is received. |
on_get_user_password | Retrieves a password associated with a user. |
on_get_user_security_level | Sets the security level for an incoming packet. |
on_hash_password | Fired before and after a password is hashed. |
on_packet_trace | Fired for every packet sent or received. |
on_ready_to_send | Fired when the class is ready to send data. |
on_report | Fired when a Report packet is received. |
on_set_request | Fired when a SetRequest packet is received. |
on_ssl_client_authentication | Fired when the client presents its credentials to the server. |
on_ssl_server_authentication | Fires when connecting to the server. |
on_ssl_status | Shows the progress of the secure connection. |
Config Settings
The following is a list of config settings for the class with short descriptions. Click on the links for further details.
AuthenticationKey | The key to use for authentication. |
CompatibilityMode | Whether to operate the class in a specific compatibility mode. |
ContextEngineId | Sets the context engine id of the SNMP entity. |
ContextName | Sets the context name of the SNMP entity. |
DataToSend | Sends a raw packet. |
DecryptLogPackets | Whether to decrypt logged packets. |
EncryptionKey | The key to use for encryption. |
ForceLocalPort | Forces the class to bind to a specific port. |
IgnoreDiscoveryRequestType | Treats other request types as discovery requests. |
IncomingContextEngineId | The engine Id of the received packet. |
IncomingContextName | The context name of the received packet. |
MsgMaxSize | The maximum supported message size. |
RespondFromDestIP | Whether to respond from the IP address that the request was sent to. |
SourceAddress | The source address of the received packet. |
SourcePort | The source port of the received packet. |
TimeWindow | The time window used for SNMPv3 timeliness checking (authentication). |
TrapAgentAddress | The address of the object generating the trap. |
TrapCommunity | The value of the Community parameter for SNMP traps. |
TrapEnterprise | The type of the object generating the trap. |
TrapPort | The port where SNMP traps are sent. |
CaptureIPPacketInfo | Used to capture the packet information. |
DelayHostResolution | Whether the hostname is resolved when RemoteHost is set. |
DestinationAddress | Used to get the destination address from the packet information. |
DontFragment | Used to set the Don't Fragment flag of outgoing packets. |
LocalHost | The name of the local host through which connections are initiated or accepted. |
LocalPort | The port in the local host where the class binds. |
MaxPacketSize | The maximum length of the packets that can be received. |
QOSDSCPValue | Used to specify an arbitrary QOS/DSCP setting (optional). |
QOSTrafficType | Used to specify QOS/DSCP settings (optional). |
ShareLocalPort | If set to True, allows more than one instance of the class to be active on the same local port. |
SourceIPAddress | Used to set the source IP address used when sending a packet. |
SourceMacAddress | Used to set the source MAC address used when sending a packet. |
UseConnection | Determines whether to use a connected socket. |
UseIPv6 | Whether or not to use IPv6. |
AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
FirewallData | Used to send extra data to the firewall. |
InBufferSize | The size in bytes of the incoming queue of the socket. |
OutBufferSize | The size in bytes of the outgoing queue of the socket. |
BuildInfo | Information about the product's build. |
CodePage | The system code page used for Unicode to Multibyte translations. |
LicenseInfo | Information about the current license. |
MaskSensitiveData | Whether sensitive data is masked in log messages. |
ProcessIdleEvents | Whether the class uses its internal event loop to process events when the main thread is idle. |
SelectWaitMillis | The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process. |
UseInternalSecurityAPI | Whether or not to use the system security libraries or an internal implementation. |
accept_data Property
Enables or disables data reception.
Syntax
def get_accept_data() -> bool: ... def set_accept_data(value: bool) -> None: ...
accept_data = property(get_accept_data, set_accept_data)
Default Value
TRUE
Remarks
Setting the property to False temporarily disables data reception. Setting the property to True re-enables data reception.
active Property
Indicates whether the class is active.
Syntax
def get_active() -> bool: ... def set_active(value: bool) -> None: ...
active = property(get_active, set_active)
Default Value
FALSE
Remarks
This property indicates whether the class is currently active and can send or receive data.
The class will be automatically activated if it is not already and you attempt to perform an operation which requires the class to be active.
Use the activate and deactivate methods to control whether the class is active.
local_engine_id Property
The Engine Id of the SNMP Agent.
Syntax
def get_local_engine_id() -> bytes: ... def set_local_engine_id(value: bytes) -> None: ...
local_engine_id = property(get_local_engine_id, set_local_engine_id)
Default Value
""
Remarks
This property is only used for SNMPv3 packets (when snmp_version is 3).
local_host Property
The name of the local host or user-assigned IP interface through which connections are initiated or accepted.
Syntax
def get_local_host() -> str: ... def set_local_host(value: str) -> None: ...
local_host = property(get_local_host, set_local_host)
Default Value
""
Remarks
This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.
In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.
If the class is connected, the local_host property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).
Note: local_host is not persistent. You must always set it in code, and never in the property window.
local_port Property
The port in the local host where the class listens.
Syntax
def get_local_port() -> int: ... def set_local_port(value: int) -> None: ...
local_port = property(get_local_port, set_local_port)
Default Value
161
Remarks
The local_port property must be set before the class is activated (active is set to True). It instructs the class to bind to a specific port (or communication endpoint) in the local machine (default 161).
You may also set local_port to 0. This allows the TCP/IP stack to choose a port at random. The value chosen is provided via the local_port property after the class is activated through the active property.
local_port cannot be changed once the class is active. Any attempt to set the local_port property when the class is active will generate an error.
Note: on macOS and iOS, root permissions are required to set local_port to any value below 1024.
obj_count Property
The number of records in the Obj arrays.
Syntax
def get_obj_count() -> int: ... def set_obj_count(value: int) -> None: ...
obj_count = property(get_obj_count, set_obj_count)
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at obj_count - 1.obj_type Property
The current object's type.
Syntax
def get_obj_type(obj_index: int) -> int: ... def set_obj_type(obj_index: int, value: int) -> None: ...
Default Value
5
Remarks
The current object's type. The default type is NULL (5).
The corresponding object id and value are specified by the obj_oid and obj_value properties.
Possible object type values include:
otInteger (2) | 2 |
otOctetString (4) | 4 |
otNull (5) | 5 |
otObjectID (6) | 6 |
otIPAddress (64) | 64 |
otCounter32 (65) | 65 |
otGauge32 (66) | 66 |
otTimeTicks (67) | 67 |
otOpaque (68) | 68 |
otNSAP (69) | 69 |
otCounter64 (70) | 70 |
otUnsignedInteger32 (71) | 71 |
The class also supports the following artificial object values used to designate error conditions:
otNoSuchObject (128) | No such object error. |
otNoSuchInstance (129) | No such instance error. |
otEndOfMibView (130) | End of MIB View error. |
The obj_index parameter specifies the index of the item in the array. The size of the array is controlled by the obj_count property.
obj_id Property
The current object's id which is encoded as a string of numbers separated by periods.
Syntax
def get_obj_id(obj_index: int) -> str: ... def set_obj_id(obj_index: int, value: str) -> None: ...
Default Value
""
Remarks
The current object's id which is encoded as a string of numbers separated by periods. For instance: "1.3.6.1.2.1.1.1.0" (OID for "system description").
The corresponding object type and value (if any) are specified by the object_type and obj_value properties.
Example
SNMPControl.ObjCount = 1
SNMPControl.ObjId(0) = "1.3.6.1.2.1.1.1.0"
The obj_index parameter specifies the index of the item in the array. The size of the array is controlled by the obj_count property.
obj_type_string Property
A string representation of the current object's ObjectType .
Syntax
def get_obj_type_string(obj_index: int) -> str: ...
Default Value
""
Remarks
A string representation of the current object's object_type.
The corresponding object id and value are specified by the obj_oid and obj_value properties.
The obj_index parameter specifies the index of the item in the array. The size of the array is controlled by the obj_count property.
This property is read-only.
obj_value Property
The current object's value.
Syntax
def get_obj_value(obj_index: int) -> bytes: ... def set_obj_value(obj_index: int, value: bytes) -> None: ...
Default Value
""
Remarks
The current object's value. The corresponding object id and type are specified by the obj_oid and object_type properties.
Example
SNMPControl.ObjCount = 1
SNMPControl.ObjId(0) = "1.3.6.1.2.1.1.1.0"
SNMPControl.ObjValue(0) = "New Value"
The obj_index parameter specifies the index of the item in the array. The size of the array is controlled by the obj_count property.
request_id Property
The request-id to mark outgoing packets with.
Syntax
def get_request_id() -> int: ... def set_request_id(value: int) -> None: ...
request_id = property(get_request_id, set_request_id)
Default Value
1
Remarks
If a custom value is needed for request_id, the property must be set before sending the request. The class increments request_id automatically after sending each packet.
snmp_version Property
Version of SNMP used for outgoing requests (traps).
Syntax
def get_snmp_version() -> int: ... def set_snmp_version(value: int) -> None: ...
snmp_version = property(get_snmp_version, set_snmp_version)
Default Value
2
Remarks
This property takes one of the following values:
snmpverV1 (1) | SNMP Version 1. |
snmpverV2c (2) | SNMP Version 2c. |
snmpverV3 (3) | SNMP Version 3. |
ssl_accept_server_cert_effective_date Property
The date on which this certificate becomes valid.
Syntax
def get_ssl_accept_server_cert_effective_date() -> str: ...
ssl_accept_server_cert_effective_date = property(get_ssl_accept_server_cert_effective_date, None)
Default Value
""
Remarks
The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2000 15:00:00.
This property is read-only.
ssl_accept_server_cert_expiration_date Property
The date on which the certificate expires.
Syntax
def get_ssl_accept_server_cert_expiration_date() -> str: ...
ssl_accept_server_cert_expiration_date = property(get_ssl_accept_server_cert_expiration_date, None)
Default Value
""
Remarks
The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2001 15:00:00.
This property is read-only.
ssl_accept_server_cert_extended_key_usage Property
A comma-delimited list of extended key usage identifiers.
Syntax
def get_ssl_accept_server_cert_extended_key_usage() -> str: ...
ssl_accept_server_cert_extended_key_usage = property(get_ssl_accept_server_cert_extended_key_usage, None)
Default Value
""
Remarks
A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).
This property is read-only.
ssl_accept_server_cert_fingerprint Property
The hex-encoded, 16-byte MD5 fingerprint of the certificate.
Syntax
def get_ssl_accept_server_cert_fingerprint() -> str: ...
ssl_accept_server_cert_fingerprint = property(get_ssl_accept_server_cert_fingerprint, None)
Default Value
""
Remarks
The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02
This property is read-only.
ssl_accept_server_cert_fingerprint_sha1 Property
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.
Syntax
def get_ssl_accept_server_cert_fingerprint_sha1() -> str: ...
ssl_accept_server_cert_fingerprint_sha1 = property(get_ssl_accept_server_cert_fingerprint_sha1, None)
Default Value
""
Remarks
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84
This property is read-only.
ssl_accept_server_cert_fingerprint_sha256 Property
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.
Syntax
def get_ssl_accept_server_cert_fingerprint_sha256() -> str: ...
ssl_accept_server_cert_fingerprint_sha256 = property(get_ssl_accept_server_cert_fingerprint_sha256, None)
Default Value
""
Remarks
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53
This property is read-only.
ssl_accept_server_cert_issuer Property
The issuer of the certificate.
Syntax
def get_ssl_accept_server_cert_issuer() -> str: ...
ssl_accept_server_cert_issuer = property(get_ssl_accept_server_cert_issuer, None)
Default Value
""
Remarks
The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.
This property is read-only.
ssl_accept_server_cert_private_key Property
The private key of the certificate (if available).
Syntax
def get_ssl_accept_server_cert_private_key() -> str: ...
ssl_accept_server_cert_private_key = property(get_ssl_accept_server_cert_private_key, None)
Default Value
""
Remarks
The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.
Note: The ssl_accept_server_cert_private_key may be available but not exportable. In this case, ssl_accept_server_cert_private_key returns an empty string.
This property is read-only.
ssl_accept_server_cert_private_key_available Property
Whether a PrivateKey is available for the selected certificate.
Syntax
def get_ssl_accept_server_cert_private_key_available() -> bool: ...
ssl_accept_server_cert_private_key_available = property(get_ssl_accept_server_cert_private_key_available, None)
Default Value
FALSE
Remarks
Whether a ssl_accept_server_cert_private_key is available for the selected certificate. If ssl_accept_server_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).
This property is read-only.
ssl_accept_server_cert_private_key_container Property
The name of the PrivateKey container for the certificate (if available).
Syntax
def get_ssl_accept_server_cert_private_key_container() -> str: ...
ssl_accept_server_cert_private_key_container = property(get_ssl_accept_server_cert_private_key_container, None)
Default Value
""
Remarks
The name of the ssl_accept_server_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.
This property is read-only.
ssl_accept_server_cert_public_key Property
The public key of the certificate.
Syntax
def get_ssl_accept_server_cert_public_key() -> str: ...
ssl_accept_server_cert_public_key = property(get_ssl_accept_server_cert_public_key, None)
Default Value
""
Remarks
The public key of the certificate. The key is provided as PEM/Base64-encoded data.
This property is read-only.
ssl_accept_server_cert_public_key_algorithm Property
The textual description of the certificate's public key algorithm.
Syntax
def get_ssl_accept_server_cert_public_key_algorithm() -> str: ...
ssl_accept_server_cert_public_key_algorithm = property(get_ssl_accept_server_cert_public_key_algorithm, None)
Default Value
""
Remarks
The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_accept_server_cert_public_key_length Property
The length of the certificate's public key (in bits).
Syntax
def get_ssl_accept_server_cert_public_key_length() -> int: ...
ssl_accept_server_cert_public_key_length = property(get_ssl_accept_server_cert_public_key_length, None)
Default Value
0
Remarks
The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.
This property is read-only.
ssl_accept_server_cert_serial_number Property
The serial number of the certificate encoded as a string.
Syntax
def get_ssl_accept_server_cert_serial_number() -> str: ...
ssl_accept_server_cert_serial_number = property(get_ssl_accept_server_cert_serial_number, None)
Default Value
""
Remarks
The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.
This property is read-only.
ssl_accept_server_cert_signature_algorithm Property
The text description of the certificate's signature algorithm.
Syntax
def get_ssl_accept_server_cert_signature_algorithm() -> str: ...
ssl_accept_server_cert_signature_algorithm = property(get_ssl_accept_server_cert_signature_algorithm, None)
Default Value
""
Remarks
The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_accept_server_cert_store Property
The name of the certificate store for the client certificate.
Syntax
def get_ssl_accept_server_cert_store() -> bytes: ... def set_ssl_accept_server_cert_store(value: bytes) -> None: ...
ssl_accept_server_cert_store = property(get_ssl_accept_server_cert_store, set_ssl_accept_server_cert_store)
Default Value
"MY"
Remarks
The name of the certificate store for the client certificate.
The ssl_accept_server_cert_store_type property denotes the type of the certificate store specified by ssl_accept_server_cert_store. If the store is password-protected, specify the password in ssl_accept_server_cert_store_password.
ssl_accept_server_cert_store is used in conjunction with the ssl_accept_server_cert_subject property to specify client certificates. If ssl_accept_server_cert_store has a value, and ssl_accept_server_cert_subject or ssl_accept_server_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_accept_server_cert_subject property for details.
Designations of certificate stores are platform dependent.
The following designations are the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).
ssl_accept_server_cert_store_password Property
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
def get_ssl_accept_server_cert_store_password() -> str: ... def set_ssl_accept_server_cert_store_password(value: str) -> None: ...
ssl_accept_server_cert_store_password = property(get_ssl_accept_server_cert_store_password, set_ssl_accept_server_cert_store_password)
Default Value
""
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
ssl_accept_server_cert_store_type Property
The type of certificate store for this certificate.
Syntax
def get_ssl_accept_server_cert_store_type() -> int: ... def set_ssl_accept_server_cert_store_type(value: int) -> None: ...
ssl_accept_server_cert_store_type = property(get_ssl_accept_server_cert_store_type, set_ssl_accept_server_cert_store_type)
Default Value
0
Remarks
The type of certificate store for this certificate.
The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user.
Note: This store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store.
Note: This store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS#12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates.
Note: This store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format.
Note: This store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS#7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS#7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store).
Note: This store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format.
Note: This store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS#11 interface.
To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to cstPKCS11, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the ssl_accept_server_cert_store and set ssl_accept_server_cert_store_password to the PIN. Code Example. SSH Authentication with Security Key:
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
ssl_accept_server_cert_subject_alt_names Property
Comma-separated lists of alternative subject names for the certificate.
Syntax
def get_ssl_accept_server_cert_subject_alt_names() -> str: ...
ssl_accept_server_cert_subject_alt_names = property(get_ssl_accept_server_cert_subject_alt_names, None)
Default Value
""
Remarks
Comma-separated lists of alternative subject names for the certificate.
This property is read-only.
ssl_accept_server_cert_thumbprint_md5 Property
The MD5 hash of the certificate.
Syntax
def get_ssl_accept_server_cert_thumbprint_md5() -> str: ...
ssl_accept_server_cert_thumbprint_md5 = property(get_ssl_accept_server_cert_thumbprint_md5, None)
Default Value
""
Remarks
The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_accept_server_cert_thumbprint_sha1 Property
The SHA-1 hash of the certificate.
Syntax
def get_ssl_accept_server_cert_thumbprint_sha1() -> str: ...
ssl_accept_server_cert_thumbprint_sha1 = property(get_ssl_accept_server_cert_thumbprint_sha1, None)
Default Value
""
Remarks
The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_accept_server_cert_thumbprint_sha256 Property
The SHA-256 hash of the certificate.
Syntax
def get_ssl_accept_server_cert_thumbprint_sha256() -> str: ...
ssl_accept_server_cert_thumbprint_sha256 = property(get_ssl_accept_server_cert_thumbprint_sha256, None)
Default Value
""
Remarks
The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_accept_server_cert_usage Property
The text description of UsageFlags .
Syntax
def get_ssl_accept_server_cert_usage() -> str: ...
ssl_accept_server_cert_usage = property(get_ssl_accept_server_cert_usage, None)
Default Value
""
Remarks
The text description of ssl_accept_server_cert_usage_flags.
This value will be one or more of the following strings and will be separated by commas:
- Digital Signature
- Non-Repudiation
- Key Encipherment
- Data Encipherment
- Key Agreement
- Certificate Signing
- CRL Signing
- Encipher Only
If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.
This property is read-only.
ssl_accept_server_cert_usage_flags Property
The flags that show intended use for the certificate.
Syntax
def get_ssl_accept_server_cert_usage_flags() -> int: ...
ssl_accept_server_cert_usage_flags = property(get_ssl_accept_server_cert_usage_flags, None)
Default Value
0
Remarks
The flags that show intended use for the certificate. The value of ssl_accept_server_cert_usage_flags is a combination of the following flags:
0x80 | Digital Signature |
0x40 | Non-Repudiation |
0x20 | Key Encipherment |
0x10 | Data Encipherment |
0x08 | Key Agreement |
0x04 | Certificate Signing |
0x02 | CRL Signing |
0x01 | Encipher Only |
Please see the ssl_accept_server_cert_usage property for a text representation of ssl_accept_server_cert_usage_flags.
This functionality currently is not available when the provider is OpenSSL.
This property is read-only.
ssl_accept_server_cert_version Property
The certificate's version number.
Syntax
def get_ssl_accept_server_cert_version() -> str: ...
ssl_accept_server_cert_version = property(get_ssl_accept_server_cert_version, None)
Default Value
""
Remarks
The certificate's version number. The possible values are the strings "V1", "V2", and "V3".
This property is read-only.
ssl_accept_server_cert_subject Property
The subject of the certificate used for client authentication.
Syntax
def get_ssl_accept_server_cert_subject() -> str: ... def set_ssl_accept_server_cert_subject(value: str) -> None: ...
ssl_accept_server_cert_subject = property(get_ssl_accept_server_cert_subject, set_ssl_accept_server_cert_subject)
Default Value
""
Remarks
The subject of the certificate used for client authentication.
This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:
Field | Meaning |
CN | Common Name. This is commonly a hostname like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
ssl_accept_server_cert_encoded Property
The certificate (PEM/Base64 encoded).
Syntax
def get_ssl_accept_server_cert_encoded() -> bytes: ... def set_ssl_accept_server_cert_encoded(value: bytes) -> None: ...
ssl_accept_server_cert_encoded = property(get_ssl_accept_server_cert_encoded, set_ssl_accept_server_cert_encoded)
Default Value
""
Remarks
The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_accept_server_cert_store and ssl_accept_server_cert_subject properties also may be used to specify a certificate.
When ssl_accept_server_cert_encoded is set, a search is initiated in the current ssl_accept_server_cert_store for the private key of the certificate. If the key is found, ssl_accept_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_accept_server_cert_subject is set to an empty string.
ssl_authenticate_clients Property
If set to True, the server asks the client(s) for a certificate.
Syntax
def get_ssl_authenticate_clients() -> bool: ... def set_ssl_authenticate_clients(value: bool) -> None: ...
ssl_authenticate_clients = property(get_ssl_authenticate_clients, set_ssl_authenticate_clients)
Default Value
FALSE
Remarks
This property is used in conjunction with the on_ssl_client_authentication event. Please refer to the documentation of the on_ssl_client_authentication event for details.
ssl_cert_effective_date Property
The date on which this certificate becomes valid.
Syntax
def get_ssl_cert_effective_date() -> str: ...
ssl_cert_effective_date = property(get_ssl_cert_effective_date, None)
Default Value
""
Remarks
The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2000 15:00:00.
This property is read-only.
ssl_cert_expiration_date Property
The date on which the certificate expires.
Syntax
def get_ssl_cert_expiration_date() -> str: ...
ssl_cert_expiration_date = property(get_ssl_cert_expiration_date, None)
Default Value
""
Remarks
The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2001 15:00:00.
This property is read-only.
ssl_cert_extended_key_usage Property
A comma-delimited list of extended key usage identifiers.
Syntax
def get_ssl_cert_extended_key_usage() -> str: ...
ssl_cert_extended_key_usage = property(get_ssl_cert_extended_key_usage, None)
Default Value
""
Remarks
A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).
This property is read-only.
ssl_cert_fingerprint Property
The hex-encoded, 16-byte MD5 fingerprint of the certificate.
Syntax
def get_ssl_cert_fingerprint() -> str: ...
ssl_cert_fingerprint = property(get_ssl_cert_fingerprint, None)
Default Value
""
Remarks
The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02
This property is read-only.
ssl_cert_fingerprint_sha1 Property
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.
Syntax
def get_ssl_cert_fingerprint_sha1() -> str: ...
ssl_cert_fingerprint_sha1 = property(get_ssl_cert_fingerprint_sha1, None)
Default Value
""
Remarks
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84
This property is read-only.
ssl_cert_fingerprint_sha256 Property
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.
Syntax
def get_ssl_cert_fingerprint_sha256() -> str: ...
ssl_cert_fingerprint_sha256 = property(get_ssl_cert_fingerprint_sha256, None)
Default Value
""
Remarks
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53
This property is read-only.
ssl_cert_issuer Property
The issuer of the certificate.
Syntax
def get_ssl_cert_issuer() -> str: ...
ssl_cert_issuer = property(get_ssl_cert_issuer, None)
Default Value
""
Remarks
The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.
This property is read-only.
ssl_cert_private_key Property
The private key of the certificate (if available).
Syntax
def get_ssl_cert_private_key() -> str: ...
ssl_cert_private_key = property(get_ssl_cert_private_key, None)
Default Value
""
Remarks
The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.
Note: The ssl_cert_private_key may be available but not exportable. In this case, ssl_cert_private_key returns an empty string.
This property is read-only.
ssl_cert_private_key_available Property
Whether a PrivateKey is available for the selected certificate.
Syntax
def get_ssl_cert_private_key_available() -> bool: ...
ssl_cert_private_key_available = property(get_ssl_cert_private_key_available, None)
Default Value
FALSE
Remarks
Whether a ssl_cert_private_key is available for the selected certificate. If ssl_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).
This property is read-only.
ssl_cert_private_key_container Property
The name of the PrivateKey container for the certificate (if available).
Syntax
def get_ssl_cert_private_key_container() -> str: ...
ssl_cert_private_key_container = property(get_ssl_cert_private_key_container, None)
Default Value
""
Remarks
The name of the ssl_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.
This property is read-only.
ssl_cert_public_key Property
The public key of the certificate.
Syntax
def get_ssl_cert_public_key() -> str: ...
ssl_cert_public_key = property(get_ssl_cert_public_key, None)
Default Value
""
Remarks
The public key of the certificate. The key is provided as PEM/Base64-encoded data.
This property is read-only.
ssl_cert_public_key_algorithm Property
The textual description of the certificate's public key algorithm.
Syntax
def get_ssl_cert_public_key_algorithm() -> str: ...
ssl_cert_public_key_algorithm = property(get_ssl_cert_public_key_algorithm, None)
Default Value
""
Remarks
The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_cert_public_key_length Property
The length of the certificate's public key (in bits).
Syntax
def get_ssl_cert_public_key_length() -> int: ...
ssl_cert_public_key_length = property(get_ssl_cert_public_key_length, None)
Default Value
0
Remarks
The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.
This property is read-only.
ssl_cert_serial_number Property
The serial number of the certificate encoded as a string.
Syntax
def get_ssl_cert_serial_number() -> str: ...
ssl_cert_serial_number = property(get_ssl_cert_serial_number, None)
Default Value
""
Remarks
The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.
This property is read-only.
ssl_cert_signature_algorithm Property
The text description of the certificate's signature algorithm.
Syntax
def get_ssl_cert_signature_algorithm() -> str: ...
ssl_cert_signature_algorithm = property(get_ssl_cert_signature_algorithm, None)
Default Value
""
Remarks
The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_cert_store Property
The name of the certificate store for the client certificate.
Syntax
def get_ssl_cert_store() -> bytes: ... def set_ssl_cert_store(value: bytes) -> None: ...
ssl_cert_store = property(get_ssl_cert_store, set_ssl_cert_store)
Default Value
"MY"
Remarks
The name of the certificate store for the client certificate.
The ssl_cert_store_type property denotes the type of the certificate store specified by ssl_cert_store. If the store is password-protected, specify the password in ssl_cert_store_password.
ssl_cert_store is used in conjunction with the ssl_cert_subject property to specify client certificates. If ssl_cert_store has a value, and ssl_cert_subject or ssl_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_cert_subject property for details.
Designations of certificate stores are platform dependent.
The following designations are the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).
ssl_cert_store_password Property
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
def get_ssl_cert_store_password() -> str: ... def set_ssl_cert_store_password(value: str) -> None: ...
ssl_cert_store_password = property(get_ssl_cert_store_password, set_ssl_cert_store_password)
Default Value
""
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
ssl_cert_store_type Property
The type of certificate store for this certificate.
Syntax
def get_ssl_cert_store_type() -> int: ... def set_ssl_cert_store_type(value: int) -> None: ...
ssl_cert_store_type = property(get_ssl_cert_store_type, set_ssl_cert_store_type)
Default Value
0
Remarks
The type of certificate store for this certificate.
The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user.
Note: This store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store.
Note: This store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS#12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates.
Note: This store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format.
Note: This store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS#7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS#7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store).
Note: This store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format.
Note: This store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS#11 interface.
To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to cstPKCS11, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the ssl_cert_store and set ssl_cert_store_password to the PIN. Code Example. SSH Authentication with Security Key:
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
ssl_cert_subject_alt_names Property
Comma-separated lists of alternative subject names for the certificate.
Syntax
def get_ssl_cert_subject_alt_names() -> str: ...
ssl_cert_subject_alt_names = property(get_ssl_cert_subject_alt_names, None)
Default Value
""
Remarks
Comma-separated lists of alternative subject names for the certificate.
This property is read-only.
ssl_cert_thumbprint_md5 Property
The MD5 hash of the certificate.
Syntax
def get_ssl_cert_thumbprint_md5() -> str: ...
ssl_cert_thumbprint_md5 = property(get_ssl_cert_thumbprint_md5, None)
Default Value
""
Remarks
The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_cert_thumbprint_sha1 Property
The SHA-1 hash of the certificate.
Syntax
def get_ssl_cert_thumbprint_sha1() -> str: ...
ssl_cert_thumbprint_sha1 = property(get_ssl_cert_thumbprint_sha1, None)
Default Value
""
Remarks
The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_cert_thumbprint_sha256 Property
The SHA-256 hash of the certificate.
Syntax
def get_ssl_cert_thumbprint_sha256() -> str: ...
ssl_cert_thumbprint_sha256 = property(get_ssl_cert_thumbprint_sha256, None)
Default Value
""
Remarks
The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_cert_usage Property
The text description of UsageFlags .
Syntax
def get_ssl_cert_usage() -> str: ...
ssl_cert_usage = property(get_ssl_cert_usage, None)
Default Value
""
Remarks
The text description of ssl_cert_usage_flags.
This value will be one or more of the following strings and will be separated by commas:
- Digital Signature
- Non-Repudiation
- Key Encipherment
- Data Encipherment
- Key Agreement
- Certificate Signing
- CRL Signing
- Encipher Only
If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.
This property is read-only.
ssl_cert_usage_flags Property
The flags that show intended use for the certificate.
Syntax
def get_ssl_cert_usage_flags() -> int: ...
ssl_cert_usage_flags = property(get_ssl_cert_usage_flags, None)
Default Value
0
Remarks
The flags that show intended use for the certificate. The value of ssl_cert_usage_flags is a combination of the following flags:
0x80 | Digital Signature |
0x40 | Non-Repudiation |
0x20 | Key Encipherment |
0x10 | Data Encipherment |
0x08 | Key Agreement |
0x04 | Certificate Signing |
0x02 | CRL Signing |
0x01 | Encipher Only |
Please see the ssl_cert_usage property for a text representation of ssl_cert_usage_flags.
This functionality currently is not available when the provider is OpenSSL.
This property is read-only.
ssl_cert_version Property
The certificate's version number.
Syntax
def get_ssl_cert_version() -> str: ...
ssl_cert_version = property(get_ssl_cert_version, None)
Default Value
""
Remarks
The certificate's version number. The possible values are the strings "V1", "V2", and "V3".
This property is read-only.
ssl_cert_subject Property
The subject of the certificate used for client authentication.
Syntax
def get_ssl_cert_subject() -> str: ... def set_ssl_cert_subject(value: str) -> None: ...
ssl_cert_subject = property(get_ssl_cert_subject, set_ssl_cert_subject)
Default Value
""
Remarks
The subject of the certificate used for client authentication.
This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:
Field | Meaning |
CN | Common Name. This is commonly a hostname like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
ssl_cert_encoded Property
The certificate (PEM/Base64 encoded).
Syntax
def get_ssl_cert_encoded() -> bytes: ... def set_ssl_cert_encoded(value: bytes) -> None: ...
ssl_cert_encoded = property(get_ssl_cert_encoded, set_ssl_cert_encoded)
Default Value
""
Remarks
The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_cert_store and ssl_cert_subject properties also may be used to specify a certificate.
When ssl_cert_encoded is set, a search is initiated in the current ssl_cert_store for the private key of the certificate. If the key is found, ssl_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_cert_subject is set to an empty string.
ssl_enabled Property
Whether DTLS is enabled.
Syntax
def get_ssl_enabled() -> bool: ... def set_ssl_enabled(value: bool) -> None: ...
ssl_enabled = property(get_ssl_enabled, set_ssl_enabled)
Default Value
FALSE
Remarks
This setting specifies whether DTLS is enabled in the class. When False (default) the class operates in plaintext mode. When True DTLS is enabled.
ssl_server_cert_effective_date Property
The date on which this certificate becomes valid.
Syntax
def get_ssl_server_cert_effective_date() -> str: ...
ssl_server_cert_effective_date = property(get_ssl_server_cert_effective_date, None)
Default Value
""
Remarks
The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2000 15:00:00.
This property is read-only.
ssl_server_cert_expiration_date Property
The date on which the certificate expires.
Syntax
def get_ssl_server_cert_expiration_date() -> str: ...
ssl_server_cert_expiration_date = property(get_ssl_server_cert_expiration_date, None)
Default Value
""
Remarks
The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:
23-Jan-2001 15:00:00.
This property is read-only.
ssl_server_cert_extended_key_usage Property
A comma-delimited list of extended key usage identifiers.
Syntax
def get_ssl_server_cert_extended_key_usage() -> str: ...
ssl_server_cert_extended_key_usage = property(get_ssl_server_cert_extended_key_usage, None)
Default Value
""
Remarks
A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).
This property is read-only.
ssl_server_cert_fingerprint Property
The hex-encoded, 16-byte MD5 fingerprint of the certificate.
Syntax
def get_ssl_server_cert_fingerprint() -> str: ...
ssl_server_cert_fingerprint = property(get_ssl_server_cert_fingerprint, None)
Default Value
""
Remarks
The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02
This property is read-only.
ssl_server_cert_fingerprint_sha1 Property
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.
Syntax
def get_ssl_server_cert_fingerprint_sha1() -> str: ...
ssl_server_cert_fingerprint_sha1 = property(get_ssl_server_cert_fingerprint_sha1, None)
Default Value
""
Remarks
The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84
This property is read-only.
ssl_server_cert_fingerprint_sha256 Property
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.
Syntax
def get_ssl_server_cert_fingerprint_sha256() -> str: ...
ssl_server_cert_fingerprint_sha256 = property(get_ssl_server_cert_fingerprint_sha256, None)
Default Value
""
Remarks
The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.
The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53
This property is read-only.
ssl_server_cert_issuer Property
The issuer of the certificate.
Syntax
def get_ssl_server_cert_issuer() -> str: ...
ssl_server_cert_issuer = property(get_ssl_server_cert_issuer, None)
Default Value
""
Remarks
The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.
This property is read-only.
ssl_server_cert_private_key Property
The private key of the certificate (if available).
Syntax
def get_ssl_server_cert_private_key() -> str: ...
ssl_server_cert_private_key = property(get_ssl_server_cert_private_key, None)
Default Value
""
Remarks
The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.
Note: The ssl_server_cert_private_key may be available but not exportable. In this case, ssl_server_cert_private_key returns an empty string.
This property is read-only.
ssl_server_cert_private_key_available Property
Whether a PrivateKey is available for the selected certificate.
Syntax
def get_ssl_server_cert_private_key_available() -> bool: ...
ssl_server_cert_private_key_available = property(get_ssl_server_cert_private_key_available, None)
Default Value
FALSE
Remarks
Whether a ssl_server_cert_private_key is available for the selected certificate. If ssl_server_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).
This property is read-only.
ssl_server_cert_private_key_container Property
The name of the PrivateKey container for the certificate (if available).
Syntax
def get_ssl_server_cert_private_key_container() -> str: ...
ssl_server_cert_private_key_container = property(get_ssl_server_cert_private_key_container, None)
Default Value
""
Remarks
The name of the ssl_server_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.
This property is read-only.
ssl_server_cert_public_key Property
The public key of the certificate.
Syntax
def get_ssl_server_cert_public_key() -> str: ...
ssl_server_cert_public_key = property(get_ssl_server_cert_public_key, None)
Default Value
""
Remarks
The public key of the certificate. The key is provided as PEM/Base64-encoded data.
This property is read-only.
ssl_server_cert_public_key_algorithm Property
The textual description of the certificate's public key algorithm.
Syntax
def get_ssl_server_cert_public_key_algorithm() -> str: ...
ssl_server_cert_public_key_algorithm = property(get_ssl_server_cert_public_key_algorithm, None)
Default Value
""
Remarks
The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_server_cert_public_key_length Property
The length of the certificate's public key (in bits).
Syntax
def get_ssl_server_cert_public_key_length() -> int: ...
ssl_server_cert_public_key_length = property(get_ssl_server_cert_public_key_length, None)
Default Value
0
Remarks
The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.
This property is read-only.
ssl_server_cert_serial_number Property
The serial number of the certificate encoded as a string.
Syntax
def get_ssl_server_cert_serial_number() -> str: ...
ssl_server_cert_serial_number = property(get_ssl_server_cert_serial_number, None)
Default Value
""
Remarks
The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.
This property is read-only.
ssl_server_cert_signature_algorithm Property
The text description of the certificate's signature algorithm.
Syntax
def get_ssl_server_cert_signature_algorithm() -> str: ...
ssl_server_cert_signature_algorithm = property(get_ssl_server_cert_signature_algorithm, None)
Default Value
""
Remarks
The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.
This property is read-only.
ssl_server_cert_store Property
The name of the certificate store for the client certificate.
Syntax
def get_ssl_server_cert_store() -> bytes: ...
ssl_server_cert_store = property(get_ssl_server_cert_store, None)
Default Value
"MY"
Remarks
The name of the certificate store for the client certificate.
The ssl_server_cert_store_type property denotes the type of the certificate store specified by ssl_server_cert_store. If the store is password-protected, specify the password in ssl_server_cert_store_password.
ssl_server_cert_store is used in conjunction with the ssl_server_cert_subject property to specify client certificates. If ssl_server_cert_store has a value, and ssl_server_cert_subject or ssl_server_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_server_cert_subject property for details.
Designations of certificate stores are platform dependent.
The following designations are the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).
This property is read-only.
ssl_server_cert_store_password Property
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
def get_ssl_server_cert_store_password() -> str: ...
ssl_server_cert_store_password = property(get_ssl_server_cert_store_password, None)
Default Value
""
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
This property is read-only.
ssl_server_cert_store_type Property
The type of certificate store for this certificate.
Syntax
def get_ssl_server_cert_store_type() -> int: ...
ssl_server_cert_store_type = property(get_ssl_server_cert_store_type, None)
Default Value
0
Remarks
The type of certificate store for this certificate.
The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user.
Note: This store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store.
Note: This store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS#12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates.
Note: This store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format.
Note: This store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS#7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS#7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store).
Note: This store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format.
Note: This store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS#11 interface.
To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to cstPKCS11, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the ssl_server_cert_store and set ssl_server_cert_store_password to the PIN. Code Example. SSH Authentication with Security Key:
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
This property is read-only.
ssl_server_cert_subject_alt_names Property
Comma-separated lists of alternative subject names for the certificate.
Syntax
def get_ssl_server_cert_subject_alt_names() -> str: ...
ssl_server_cert_subject_alt_names = property(get_ssl_server_cert_subject_alt_names, None)
Default Value
""
Remarks
Comma-separated lists of alternative subject names for the certificate.
This property is read-only.
ssl_server_cert_thumbprint_md5 Property
The MD5 hash of the certificate.
Syntax
def get_ssl_server_cert_thumbprint_md5() -> str: ...
ssl_server_cert_thumbprint_md5 = property(get_ssl_server_cert_thumbprint_md5, None)
Default Value
""
Remarks
The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_server_cert_thumbprint_sha1 Property
The SHA-1 hash of the certificate.
Syntax
def get_ssl_server_cert_thumbprint_sha1() -> str: ...
ssl_server_cert_thumbprint_sha1 = property(get_ssl_server_cert_thumbprint_sha1, None)
Default Value
""
Remarks
The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_server_cert_thumbprint_sha256 Property
The SHA-256 hash of the certificate.
Syntax
def get_ssl_server_cert_thumbprint_sha256() -> str: ...
ssl_server_cert_thumbprint_sha256 = property(get_ssl_server_cert_thumbprint_sha256, None)
Default Value
""
Remarks
The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.
This property is read-only.
ssl_server_cert_usage Property
The text description of UsageFlags .
Syntax
def get_ssl_server_cert_usage() -> str: ...
ssl_server_cert_usage = property(get_ssl_server_cert_usage, None)
Default Value
""
Remarks
The text description of ssl_server_cert_usage_flags.
This value will be one or more of the following strings and will be separated by commas:
- Digital Signature
- Non-Repudiation
- Key Encipherment
- Data Encipherment
- Key Agreement
- Certificate Signing
- CRL Signing
- Encipher Only
If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.
This property is read-only.
ssl_server_cert_usage_flags Property
The flags that show intended use for the certificate.
Syntax
def get_ssl_server_cert_usage_flags() -> int: ...
ssl_server_cert_usage_flags = property(get_ssl_server_cert_usage_flags, None)
Default Value
0
Remarks
The flags that show intended use for the certificate. The value of ssl_server_cert_usage_flags is a combination of the following flags:
0x80 | Digital Signature |
0x40 | Non-Repudiation |
0x20 | Key Encipherment |
0x10 | Data Encipherment |
0x08 | Key Agreement |
0x04 | Certificate Signing |
0x02 | CRL Signing |
0x01 | Encipher Only |
Please see the ssl_server_cert_usage property for a text representation of ssl_server_cert_usage_flags.
This functionality currently is not available when the provider is OpenSSL.
This property is read-only.
ssl_server_cert_version Property
The certificate's version number.
Syntax
def get_ssl_server_cert_version() -> str: ...
ssl_server_cert_version = property(get_ssl_server_cert_version, None)
Default Value
""
Remarks
The certificate's version number. The possible values are the strings "V1", "V2", and "V3".
This property is read-only.
ssl_server_cert_subject Property
The subject of the certificate used for client authentication.
Syntax
def get_ssl_server_cert_subject() -> str: ...
ssl_server_cert_subject = property(get_ssl_server_cert_subject, None)
Default Value
""
Remarks
The subject of the certificate used for client authentication.
This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:
Field | Meaning |
CN | Common Name. This is commonly a hostname like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
This property is read-only.
ssl_server_cert_encoded Property
The certificate (PEM/Base64 encoded).
Syntax
def get_ssl_server_cert_encoded() -> bytes: ...
ssl_server_cert_encoded = property(get_ssl_server_cert_encoded, None)
Default Value
""
Remarks
The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_server_cert_store and ssl_server_cert_subject properties also may be used to specify a certificate.
When ssl_server_cert_encoded is set, a search is initiated in the current ssl_server_cert_store for the private key of the certificate. If the key is found, ssl_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_server_cert_subject is set to an empty string.
This property is read-only.
sys_up_time Property
Time passed since the agent was initialized (in hundredths of a second).
Syntax
def get_sys_up_time() -> int: ... def set_sys_up_time(value: int) -> None: ...
sys_up_time = property(get_sys_up_time, set_sys_up_time)
Default Value
0
Remarks
This property is used when sending SNMP traps, and it normally provides the time since the system was restarted in 1/100s of a second.
If another value is desired, you may set this property to a custom value. From that point on, sys_up_time will return the value set plus time elapsed.
activate Method
Activates the class.
Syntax
def activate() -> None: ...
Remarks
This method activates the component and will allow it to send or receive data.
The class will be automatically activated if it is not already and you attempt to perform an operation which requires the class to be active.
Note: Use the active property to check whether the component is active.
add_user Method
Adds a user to the internal authentication cache.
Syntax
def add_user(user: str, authentication_protocol: int, authentication_password: str, encryption_algorithm: int, encryption_password: str) -> None: ...
Remarks
The internal authentication cache can be used as an alternative to the on_get_user_password event, automatically checking the cache against the security parameters provided in the request signature.
The show_cache method is used to show the contents of the internal authentication cache.
The clear_cache method can be used to completely clear the cache.
Valid Authentication Protocols are:
HMAC-MD5-96 (1) | Message-Digest algorithm 5. |
HMAC-SHA-96 (2) | Secure Hash Algorithm. |
HMAC-192-SHA-256 (3) | Secure Hash Algorithm. |
HMAC-384-SHA-512 (4) | Secure Hash Algorithm. |
Valid Encryption Algorithms are:
DES (1) | Data Encryption Standard. |
AES (2) | Advanced Encryption Standard with key length of 128. |
3DES (3) | Triple Data Encryption Standard. |
AES192 (4) | Advanced Encryption Standard with key length of 192. |
AES256 (5) | Advanced Encryption Standard with key length of 256. |
NOTE: Specifying an authentication protocol of 0 is a special case where the class will attempt to verify users with all valid authentication protocols.
clear_cache Method
Clears the internal authentication database.
Syntax
def clear_cache() -> None: ...
Remarks
All user records are removed from the internal authentication cache as a result of this call.
config Method
Sets or retrieves a configuration setting.
Syntax
def config(configuration_string: str) -> str: ...
Remarks
config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
deactivate Method
Deactivates the class.
Syntax
def deactivate() -> None: ...
Remarks
This method deactivates the component and will prohibit it from sending and receiving data.
Note: Use the active property to check whether the component is active.
do_events Method
This method processes events from the internal message queue.
Syntax
def do_events() -> None: ...
Remarks
When do_events is called, the class processes any available events. If no events are available, it waits for a preset period of time, and then returns.
hash_passwords Method
Hashes all passwords in the cache.
Syntax
def hash_passwords() -> None: ...
Remarks
Forces computation of all passwords hashes in the cache. Used together with the on_hash_password event to enable implementations of external password hash storage.
remove_user Method
Removes the user specified by User from the internal authentication cache.
Syntax
def remove_user(user: str) -> None: ...
Remarks
The internal authentication cache can be used as an alternative to the on_get_user_password event, automatically checking the cache against the security parameters provided in the request signature.
The show_cache method is used to show the contents of the internal authentication cache.
The clear_cache method can be used to completely clear the cache.
reset Method
Clears the object arrays.
Syntax
def reset() -> None: ...
Remarks
Clears the object arrays, and sets the trap and error properties to their default values. This is useful for reinitializing all the properties that are used to create outgoing packets before building a new packet.
Note: snmp_version will be reset to snmpverV2c (2).
send_response Method
Sends a response packet to a Get, Get-Next, Get-Bulk, or Set request.
Syntax
def send_response(remote_host: str, remote_port: int, request_id: int, community: str, error_status: int, error_index: int) -> None: ...
Remarks
Use this method to send asynchronous response packets. A valid RequestId must be specified. send_response sends an unauthenticated response packet. Depending upon the value of the snmp_version property, the packet is constructed as an SNMPv1, SNMPv2c, or SNMPv3 (unauthenticated) response PDU. To send authenticated or encrypted SNMPv3 responses, use send_secure_response
The RemoteHost and RemotePort parameters are used to determine where the response is to be sent. The object identifiers, types, and values for the request are taken from the objects collection. The RequestId, Community, ErrorStatus, and ErrorIndex parameters are used to specify other properties of the response.
send_secure_response Method
Sends an authenticated and/or encrypted SNMPv3 response.
Syntax
def send_secure_response(remote_host: str, remote_port: int, request_id: int, message_id: int, error_status: int, error_index: int, user: str, authentication_protocol: int, authentication_password: str, encryption_algorithm: int, encryption_password: str) -> None: ...
Remarks
Similar to the send_response method except that User, Authentication Protocol, and AuthenticationPassword are used to authenticate the response. EncryptionAlgorithm and EncryptionPassword (if not empty) are used to encrypt the response.
The MessageId argument must match the MessageId parameter obtained from the on_get_request, on_get_next_request, on_set_request, or on_get_bulk_request event.
The user and password arguments used to send the response will be added to the internal user cache. If the user is already in the cache, its passwords will be updated with those supplied.
Valid Authentication Protocols are:
HMAC-MD5-96 (1) | Message-Digest algorithm 5. |
HMAC-SHA-96 (2) | Secure Hash Algorithm. |
HMAC-192-SHA-256 (3) | Secure Hash Algorithm. |
HMAC-384-SHA-512 (4) | Secure Hash Algorithm. |
Valid Encryption Algorithms are:
DES (1) | Data Encryption Standard. |
AES (2) | Advanced Encryption Standard with key length of 128. |
3DES (3) | Triple Data Encryption Standard. |
AES192 (4) | Advanced Encryption Standard with key length of 192. |
AES256 (5) | Advanced Encryption Standard with key length of 256. |
send_secure_trap Method
Sends an authenticated and/or encrypted SNMPv3 trap.
Syntax
def send_secure_trap(remote_host: str, trap_oid: str, user: str, authentication_protocol: int, authentication_password: str, encryption_algorithm: int, encryption_password: str) -> None: ...
Remarks
Similar to the send_trap method except that User, AuthenticationPassword, and Authentication Protocol are used to authenticate the trap. EncryptionPassword (if not empty) and EncryptionAlgorithm are used to encrypt the message.
The user and password arguments used to send the trap will be added to the internal user cache. If the user is already in the cache, its passwords will be updated with those supplied.
Valid Authentication Protocols are:
HMAC-MD5-96 (1) | Message-Digest algorithm 5. |
HMAC-SHA-96 (2) | Secure Hash Algorithm. |
HMAC-192-SHA-256 (3) | Secure Hash Algorithm. |
HMAC-384-SHA-512 (4) | Secure Hash Algorithm. |
Valid Encryption Algorithms are:
DES (1) | Data Encryption Standard. |
AES (2) | Advanced Encryption Standard with key length of 128. |
3DES (3) | Triple Data Encryption Standard. |
AES192 (4) | Advanced Encryption Standard with key length of 192. |
AES256 (5) | Advanced Encryption Standard with key length of 256. |
send_trap Method
Sends an SNMP Trap.
Syntax
def send_trap(remote_host: str, trap_oid: str) -> None: ...
Remarks
Depending upon the value of the snmp_version property, the packet is constructed as an SNMPv1 or SNMPv2 Trap PDU. The following configuration settings provide more control about how traps are generated: TrapPort, TrapAgentAddress, TrapCommunity, TrapEnterprise. The sys_up_time property provides the trap timestamp.
send_trap sends an unauthenticated trap. The send_secure_trap method is used to send authenticated SNMPv3 traps.
If any values are provided in the objects collection, they are sent unchanged. In the case of an SNMPv2 or SNMPv3 Trap, if objects has a count that is equal to 0, the following values are set: sysUpTime.0 equal to sys_up_time and snmpTrapOID.0 equal to TrapOID.
For SNMPv2 and SNMPv3 Traps, TrapOID must contain the full OID of the Trap. For SNMPv1, TrapOID must be a string of the form "generic.specific" where generic and specific are numeric values providing the Trap Generic Type and Specific Type.
For SNMPv1, TrapOID must be of the form "GenericTrap.SpecificTrap". These values are sent in the PDU header. TrapAgentAddress and TrapEnterprise are taken from the corresponding configuration settings.
Additionally, the following symbolic values are recognized and translated as follows:
Trap Name | OID (SNMPv2 and above) | SNMPv1 GenericType |
coldStart | 1.3.6.1.6.3.1.1.5.1 | 0 |
warmStart | 1.3.6.1.6.3.1.1.5.2 | 1 |
linkDown | 1.3.6.1.6.3.1.1.5.3 | 2 |
linkUp | 1.3.6.1.6.3.1.1.5.4 | 3 |
authenticationFailure | 1.3.6.1.6.3.1.1.5.5 | 4 |
egpNeighborLoss | 1.3.6.1.6.3.1.1.5.6 | 5 |
enterpriseSpecific | 1.3.6.1.6.3.1.1.5.7 | 6 |
show_cache Method
Lists all entries in the internal user authentication cache.
Syntax
def show_cache() -> None: ...
Remarks
A on_cache_entry event is fired for every record in the internal user authentication cache.
The internal authentication cache can be used as an alternative to the on_get_user_password event, automatically checking the cache against the security parameters provided in the request signature.
The show_cache method is used to show the contents of the internal authentication cache.
The clear_cache method can be used to completely clear the cache.
value Method
Returns the value corresponding to an OID.
Syntax
def value(oid: str) -> str: ...
Remarks
If the OID does not exist in the objects collection, a trappable error is generated.
Please refer to the SNMPObject type for more information.
on_bad_packet Event
Fired for erroneous and/or malformed messages.
Syntax
class SNMPAgentBadPacketEventParams(object): @property def packet() -> bytes: ... @property def source_address() -> str: ... @property def source_port() -> int: ... @property def error_code() -> int: ... @property def error_description() -> str: ... @property def report() -> bool: ... @report.setter def report(value) -> None: ... # In class SNMPAgent: @property def on_bad_packet() -> Callable[[SNMPAgentBadPacketEventParams], None]: ... @on_bad_packet.setter def on_bad_packet(event_hook: Callable[[SNMPAgentBadPacketEventParams], None]) -> None: ...
Remarks
The full message is provided in the Packet parameter.
The on_bad_packet event is also fired when authentication fails for received packets due to a bad password or other reasons.
If the Report parameter is set to True, an unauthenticated error report will be sent to the client, otherwise the packet will be silently ignored.
Please refer to the on_get_user_password event for more information concerning SNMPv3 authentication.
on_cache_entry Event
Shows in the internal cache.
Syntax
class SNMPAgentCacheEntryEventParams(object): @property def user() -> str: ... @property def authentication_protocol() -> str: ... @property def authentication_password() -> str: ... @property def encryption_algorithm() -> str: ... @property def encryption_password() -> str: ... # In class SNMPAgent: @property def on_cache_entry() -> Callable[[SNMPAgentCacheEntryEventParams], None]: ... @on_cache_entry.setter def on_cache_entry(event_hook: Callable[[SNMPAgentCacheEntryEventParams], None]) -> None: ...
Remarks
on_cache_entry events are triggered by a call to show_cache. One event is fired for each user.
on_connected Event
Fired immediately after a connection completes (or fails).
Syntax
class SNMPAgentConnectedEventParams(object): @property def remote_address() -> str: ... @property def remote_port() -> int: ... @property def status_code() -> int: ... @property def description() -> str: ... # In class SNMPAgent: @property def on_connected() -> Callable[[SNMPAgentConnectedEventParams], None]: ... @on_connected.setter def on_connected(event_hook: Callable[[SNMPAgentConnectedEventParams], None]) -> None: ...
Remarks
This event fires after a connection completes or fails.
StatusCode is the value returned by the system TCP/IP stack. This will be 0 if the connection was successful.
Description contains a human readable description of the status. This will be "OK" if the connection was successful.
RemoteAddress is the IP address of the remote host.
RemotePort is the port on the remote host.
on_disconnected Event
Fired when a connection is closed.
Syntax
class SNMPAgentDisconnectedEventParams(object): @property def remote_address() -> str: ... @property def remote_port() -> int: ... @property def status_code() -> int: ... @property def description() -> str: ... # In class SNMPAgent: @property def on_disconnected() -> Callable[[SNMPAgentDisconnectedEventParams], None]: ... @on_disconnected.setter def on_disconnected(event_hook: Callable[[SNMPAgentDisconnectedEventParams], None]) -> None: ...
Remarks
This event fires after a connection is broken.
StatusCode is the value returned by the system TCP/IP stack. This will be 0 if the connection was broken normally.
Description contains a human readable description of the status. This will be "OK" if the connection was broken normally.
RemoteAddress is the IP address of the remote host.
RemotePort is the port on the remote host.
on_discovery_request Event
Fired when an SNMPv3 discovery packet is received.
Syntax
class SNMPAgentDiscoveryRequestEventParams(object): @property def engine_id() -> bytes: ... @property def engine_boots() -> int: ... @property def engine_time() -> int: ... @property def user() -> str: ... @property def security_level() -> int: ... @property def source_address() -> str: ... @property def source_port() -> int: ... @property def respond() -> bool: ... @respond.setter def respond(value) -> None: ... # In class SNMPAgent: @property def on_discovery_request() -> Callable[[SNMPAgentDiscoveryRequestEventParams], None]: ... @on_discovery_request.setter def on_discovery_request(event_hook: Callable[[SNMPAgentDiscoveryRequestEventParams], None]) -> None: ...
Remarks
EngineId, EngineBoots, EngineTime, and User are the values received from SourceAddress.
For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.
The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.
Respond is True by default, and will automatically send a response using the value in local_engine_id. To suppress the response, set Respond to False.
The value returned to SourceAddress for EngineBoots is always 0, and EngineTime is the number of seconds since January 1st, 1970 (GMT).
on_error Event
Fired when information is available about errors during data delivery.
Syntax
class SNMPAgentErrorEventParams(object): @property def error_code() -> int: ... @property def description() -> str: ... # In class SNMPAgent: @property def on_error() -> Callable[[SNMPAgentErrorEventParams], None]: ... @on_error.setter def on_error(event_hook: Callable[[SNMPAgentErrorEventParams], None]) -> None: ...
Remarks
The on_error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.
The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.
on_get_bulk_request Event
Fired when a GetBulkRequest packet is received.
Syntax
class SNMPAgentGetBulkRequestEventParams(object): @property def request_id() -> int: ... @property def message_id() -> int: ... @property def snmp_version() -> int: ... @property def community() -> str: ... @property def user() -> str: ... @property def security_level() -> int: ... @property def source_address() -> str: ... @property def source_port() -> int: ... @property def non_repeaters() -> int: ... @property def max_repetitions() -> int: ... @property def error_index() -> int: ... @error_index.setter def error_index(value) -> None: ... @property def error_status() -> int: ... @error_status.setter def error_status(value) -> None: ... @property def error_description() -> str: ... @property def respond() -> bool: ... @respond.setter def respond(value) -> None: ... # In class SNMPAgent: @property def on_get_bulk_request() -> Callable[[SNMPAgentGetBulkRequestEventParams], None]: ... @on_get_bulk_request.setter def on_get_bulk_request(event_hook: Callable[[SNMPAgentGetBulkRequestEventParams], None]) -> None: ...
Remarks
This is only available for SNMP versions 2 and 3.
The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.
The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.
The MessageId parameter identifies the received request.
For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.
The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.
To send a response, the Respond parameter must be set to true. By default, this value is false, which means no response will be sent. The ErrorStatus parameter may also be set to a valid SNMP status code (the default value is 0, which represents no error).
The following is a list of valid SNMP status code values:
0 (noError) | No error. |
1 (tooBig) | The response cannot fit in a single SNMP message. |
2 (noSuchName) | Variable does not exist. |
3 (badValue) | Invalid value or syntax. |
4 (readOnly) | Variable is read-only. |
5 (genError) | Other error (SNMPv1). |
6 (noAccess) | Access denied. |
7 (wrongType) | Wrong object type. |
8 (wrongLength) | Wrong length. |
9 (wrongEncoding) | Wrong encoding. |
10 (wrongValue) | Wrong value. |
11 (noCreation) | No creation. |
12 (inconsistentValue) | Inconsistent value. |
13 (resourceUnavailable) | Resource unavailable. |
14 (commitFailed) | Commit failed. |
15 (undoFailed) | Undo failed. |
16 (authorizationError) | Authorization error. |
17 (notWritable) | Variable is not writable. |
18 (inconsistentName) | Inconsistent name. |
Variable indexes start with 0. ErrorIndex has no meaning when ErrorStatus is 0 (no error).
A GetBulkRequest is very similar to a GetNextRequest, the difference is that Getbulk performs a continuous GetNext operation based on the MaxRepitions value. The NonRepeaters value will determine the number of objects for which a simple GetNext operation should be performed. For the remaining variables, a continuous GetNext operation is performed based on the MaxRepitions value.
So if you send a request containing X objects, the agent will perform N simple GetNext operations and M continuous GetNext operations X - N times. With X being the number of objects received, N being the number of NonRepeaters, and M being the number of MaxRepitions. Thus the SNMPMgr is expecting to receive N + M x (X - N) objects, assuming that each object has M successors.
on_get_next_request Event
Fired when a GetNextRequest packet is received.
Syntax
class SNMPAgentGetNextRequestEventParams(object): @property def request_id() -> int: ... @property def message_id() -> int: ... @property def snmp_version() -> int: ... @property def community() -> str: ... @property def user() -> str: ... @property def security_level() -> int: ... @property def source_address() -> str: ... @property def source_port() -> int: ... @property def error_index() -> int: ... @error_index.setter def error_index(value) -> None: ... @property def error_status() -> int: ... @error_status.setter def error_status(value) -> None: ... @property def error_description() -> str: ... @property def respond() -> bool: ... @respond.setter def respond(value) -> None: ... # In class SNMPAgent: @property def on_get_next_request() -> Callable[[SNMPAgentGetNextRequestEventParams], None]: ... @on_get_next_request.setter def on_get_next_request(event_hook: Callable[[SNMPAgentGetNextRequestEventParams], None]) -> None: ...
Remarks
The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.
The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.
The MessageId parameter identifies the received request.
For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.
The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.
To send a response, the Respond parameter must be set to true. By default, this value is false, which means no response will be sent. The ErrorStatus parameter may also be set to a valid SNMP status code (the default value is 0, which represents no error).
The following is a list of valid SNMP status code values:
0 (noError) | No error. |
1 (tooBig) | The response cannot fit in a single SNMP message. |
2 (noSuchName) | Variable does not exist. |
3 (badValue) | Invalid value or syntax. |
4 (readOnly) | Variable is read-only. |
5 (genError) | Other error (SNMPv1). |
6 (noAccess) | Access denied. |
7 (wrongType) | Wrong object type. |
8 (wrongLength) | Wrong length. |
9 (wrongEncoding) | Wrong encoding. |
10 (wrongValue) | Wrong value. |
11 (noCreation) | No creation. |
12 (inconsistentValue) | Inconsistent value. |
13 (resourceUnavailable) | Resource unavailable. |
14 (commitFailed) | Commit failed. |
15 (undoFailed) | Undo failed. |
16 (authorizationError) | Authorization error. |
17 (notWritable) | Variable is not writable. |
18 (inconsistentName) | Inconsistent name. |
Variable indexes start with 0. ErrorIndex has no meaning when ErrorStatus is 0 (no error).
on_get_request Event
Fired when a GetRequest packet is received.
Syntax
class SNMPAgentGetRequestEventParams(object): @property def request_id() -> int: ... @property def message_id() -> int: ... @property def snmp_version() -> int: ... @property def community() -> str: ... @property def user() -> str: ... @property def security_level() -> int: ... @property def source_address() -> str: ... @property def source_port() -> int: ... @property def error_index() -> int: ... @error_index.setter def error_index(value) -> None: ... @property def error_status() -> int: ... @error_status.setter def error_status(value) -> None: ... @property def error_description() -> str: ... @property def respond() -> bool: ... @respond.setter def respond(value) -> None: ... # In class SNMPAgent: @property def on_get_request() -> Callable[[SNMPAgentGetRequestEventParams], None]: ... @on_get_request.setter def on_get_request(event_hook: Callable[[SNMPAgentGetRequestEventParams], None]) -> None: ...
Remarks
The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.
The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.
The MessageId parameter identifies the received request.
For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.
The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.
To send a response, the Respond parameter must be set to true. By default, this value is false, which means no response will be sent. The ErrorStatus parameter may also be set to a valid SNMP status code (the default value is 0, which represents no error).
The following is a list of valid SNMP status code values:
0 (noError) | No error. |
1 (tooBig) | The response cannot fit in a single SNMP message. |
2 (noSuchName) | Variable does not exist. |
3 (badValue) | Invalid value or syntax. |
4 (readOnly) | Variable is read-only. |
5 (genError) | Other error (SNMPv1). |
6 (noAccess) | Access denied. |
7 (wrongType) | Wrong object type. |
8 (wrongLength) | Wrong length. |
9 (wrongEncoding) | Wrong encoding. |
10 (wrongValue) | Wrong value. |
11 (noCreation) | No creation. |
12 (inconsistentValue) | Inconsistent value. |
13 (resourceUnavailable) | Resource unavailable. |
14 (commitFailed) | Commit failed. |
15 (undoFailed) | Undo failed. |
16 (authorizationError) | Authorization error. |
17 (notWritable) | Variable is not writable. |
18 (inconsistentName) | Inconsistent name. |
Variable indexes start with 0. ErrorIndex has no meaning when ErrorStatus is 0 (no error).
on_get_user_password Event
Retrieves a password associated with a user.
Syntax
class SNMPAgentGetUserPasswordEventParams(object): @property def password_type() -> int: ... @property def user() -> str: ... @property def password() -> str: ... @password.setter def password(value) -> None: ... @property def algorithm() -> int: ... @algorithm.setter def algorithm(value) -> None: ... # In class SNMPAgent: @property def on_get_user_password() -> Callable[[SNMPAgentGetUserPasswordEventParams], None]: ... @on_get_user_password.setter def on_get_user_password(event_hook: Callable[[SNMPAgentGetUserPasswordEventParams], None]) -> None: ...
Remarks
The on_get_user_password event is fired after initial inspection of SNMPv3 requests.
The type of password required is provided in the PasswordType parameter: 1 for authentication, and 2 for encryption (privacy).
The password corresponding to User (if any) must be provided in the Password parameter. If the password is valid, processing will continue to other events such as on_get_request, on_set_request, etc.
If the PasswordType parameter is 1 (authentication is used), the Algorithm parameter can be set. Possible values are:
Value | Authentication Algorithm |
0 (default) | Any |
1 | MD5 |
2 | SHA1 |
3 | SHA256 |
4 | SHA512 |
Value | Encryption Algorithm |
1 (default) | DES |
2 | AES |
3 | 3DES |
4 | AES192 |
5 | AES256 |
If the password does not match the signature in the request, a on_bad_packet event will be fired, at which point you can decide whether to report the error to the client (see the description of the on_bad_packet event for more information).
If the User is invalid or unknown, set the password to empty string (default) to ignore the request. This will result in a on_bad_packet event being fired, at which point you can decide whether to report the error to the client or not.
on_get_user_security_level Event
Sets the security level for an incoming packet.
Syntax
class SNMPAgentGetUserSecurityLevelEventParams(object): @property def user() -> str: ... @property def engine_id() -> bytes: ... @property def security_level() -> int: ... @security_level.setter def security_level(value) -> None: ... # In class SNMPAgent: @property def on_get_user_security_level() -> Callable[[SNMPAgentGetUserSecurityLevelEventParams], None]: ... @on_get_user_security_level.setter def on_get_user_security_level(event_hook: Callable[[SNMPAgentGetUserSecurityLevelEventParams], None]) -> None: ...
Remarks
The on_get_user_security_level event is fired after the first inspection of each SNMPv3 request. The SecurityLevel parameter determines the level of security for the message.
On entry, the SecurityLevel parameter contains the default security level for User if the user is located in the internal cache, or if the User is not found in the cache, the SecurityLevel will be -1.
The value of SecurityLevel upon exiting the event, determines how the message will be processed:
-1 | The message will be ignored and a on_bad_packet event will be fired. |
0 | No security. The message will be processed without any authentication and/or encryption. |
1 | Authentication only. The message will be checked for a valid signature and the on_get_user_password event will be fired to verify the authentication password. |
2 | Authentication and Privacy. The message will be checked for a valid signature and the on_get_user_password event will be fired twice: first to verify the authentication password, and then to verify the privacy password. |
on_hash_password Event
Fired before and after a password is hashed.
Syntax
class SNMPAgentHashPasswordEventParams(object): @property def password() -> str: ... @property def auth_algorithm() -> int: ... @property def hash() -> str: ... @hash.setter def hash(value) -> None: ... # In class SNMPAgent: @property def on_hash_password() -> Callable[[SNMPAgentHashPasswordEventParams], None]: ... @on_hash_password.setter def on_hash_password(event_hook: Callable[[SNMPAgentHashPasswordEventParams], None]) -> None: ...
Remarks
SNMPv3 passwords are hashed in order to obtain authentication and encryption keys. This is an expensive operation, and in certain situations it may be preferable to store the hashed passwords externally and supply them on demand.
If a hash is required, the event fires with an empty string in the Hash parameter. In this case, you can choose to supply a value for the hash and stop the class from computing the hash.
The event also fires every time a hash is computed. In this case, the Hash parameter contains the value of the computed hash.
AuthAlgorithm contains either 1 for HMAC-MD5-96, 2 for HMAC-SHA-96 or 3 for HMAC-192-SHA-256
on_packet_trace Event
Fired for every packet sent or received.
Syntax
class SNMPAgentPacketTraceEventParams(object): @property def packet() -> bytes: ... @property def direction() -> int: ... @property def packet_address() -> str: ... @property def packet_port() -> int: ... # In class SNMPAgent: @property def on_packet_trace() -> Callable[[SNMPAgentPacketTraceEventParams], None]: ... @on_packet_trace.setter def on_packet_trace(event_hook: Callable[[SNMPAgentPacketTraceEventParams], None]) -> None: ...
Remarks
The on_packet_trace event shows all the packets sent or received by the class.
Packet contains the full contents of the datagram.
Direction shows the direction of the packet: 1 for incoming packets, and 2 for outgoing packets.
In the case of an incoming packet, PacketAddress and PacketPort identify the source of the packet.
In the case of an outgoing packet, PacketAddress and PacketPort identify the destination of the packet.
on_ready_to_send Event
Fired when the class is ready to send data.
Syntax
class SNMPAgentReadyToSendEventParams(object): # In class SNMPAgent: @property def on_ready_to_send() -> Callable[[SNMPAgentReadyToSendEventParams], None]: ... @on_ready_to_send.setter def on_ready_to_send(event_hook: Callable[[SNMPAgentReadyToSendEventParams], None]) -> None: ...
Remarks
The on_ready_to_send event indicates that the underlying TCP/IP subsystem is ready to accept data after a failed DataToSend(TBD. DataToSend is removed).
on_report Event
Fired when a Report packet is received.
Syntax
class SNMPAgentReportEventParams(object): @property def request_id() -> int: ... @property def snmp_version() -> int: ... @property def community() -> str: ... @property def user() -> str: ... @property def security_level() -> int: ... @property def source_address() -> str: ... @property def source_port() -> int: ... @property def error_index() -> int: ... @property def error_status() -> int: ... @property def error_description() -> str: ... # In class SNMPAgent: @property def on_report() -> Callable[[SNMPAgentReportEventParams], None]: ... @on_report.setter def on_report(event_hook: Callable[[SNMPAgentReportEventParams], None]) -> None: ...
Remarks
For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.
The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.
The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.
The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.
on_set_request Event
Fired when a SetRequest packet is received.
Syntax
class SNMPAgentSetRequestEventParams(object): @property def request_id() -> int: ... @property def message_id() -> int: ... @property def snmp_version() -> int: ... @property def community() -> str: ... @property def user() -> str: ... @property def security_level() -> int: ... @property def source_address() -> str: ... @property def source_port() -> int: ... @property def error_index() -> int: ... @error_index.setter def error_index(value) -> None: ... @property def error_status() -> int: ... @error_status.setter def error_status(value) -> None: ... @property def error_description() -> str: ... @property def respond() -> bool: ... @respond.setter def respond(value) -> None: ... # In class SNMPAgent: @property def on_set_request() -> Callable[[SNMPAgentSetRequestEventParams], None]: ... @on_set_request.setter def on_set_request(event_hook: Callable[[SNMPAgentSetRequestEventParams], None]) -> None: ...
Remarks
The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.
The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.
The MessageId parameter identifies the received request.
For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.
The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.
To send a response, the Respond parameter must be set to true. By default, this value is false, which means no response will be sent. The ErrorStatus parameter may also be set to a valid SNMP status code (the default value is 0, which represents no error).
The following is a list of valid SNMP status code values:
0 (noError) | No error. |
1 (tooBig) | The response cannot fit in a single SNMP message. |
2 (noSuchName) | Variable does not exist. |
3 (badValue) | Invalid value or syntax. |
4 (readOnly) | Variable is read-only. |
5 (genError) | Other error (SNMPv1). |
6 (noAccess) | Access denied. |
7 (wrongType) | Wrong object type. |
8 (wrongLength) | Wrong length. |
9 (wrongEncoding) | Wrong encoding. |
10 (wrongValue) | Wrong value. |
11 (noCreation) | No creation. |
12 (inconsistentValue) | Inconsistent value. |
13 (resourceUnavailable) | Resource unavailable. |
14 (commitFailed) | Commit failed. |
15 (undoFailed) | Undo failed. |
16 (authorizationError) | Authorization error. |
17 (notWritable) | Variable is not writable. |
18 (inconsistentName) | Inconsistent name. |
Variable indexes start with 0. ErrorIndex has no meaning when ErrorStatus is 0 (no error).
on_ssl_client_authentication Event
Fired when the client presents its credentials to the server.
Syntax
class SNMPAgentSSLClientAuthenticationEventParams(object): @property def remote_address() -> str: ... @property def remote_port() -> int: ... @property def cert_encoded() -> bytes: ... @property def cert_subject() -> str: ... @property def cert_issuer() -> str: ... @property def status() -> str: ... @property def accept() -> bool: ... @accept.setter def accept(value) -> None: ... # In class SNMPAgent: @property def on_ssl_client_authentication() -> Callable[[SNMPAgentSSLClientAuthenticationEventParams], None]: ... @on_ssl_client_authentication.setter def on_ssl_client_authentication(event_hook: Callable[[SNMPAgentSSLClientAuthenticationEventParams], None]) -> None: ...
Remarks
This event fires when a client connects to the class and presents a certificate for authentication. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.
When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK").
RemoteAddress is the IP address of the connecting client.
RemotePort is the source port of the connecting client.
CertEncoded is the base64 encoded certificate presented by the client.
CertSubject is the subject of the certificate presented by the client.
CertIssuer is the subject of the issuer of the certificate presented by the client.
Status is the stauts of the certificate.
Accept defines whether the certificate is accepted.
on_ssl_server_authentication Event
Fires when connecting to the server.
Syntax
class SNMPAgentSSLServerAuthenticationEventParams(object): @property def remote_address() -> str: ... @property def remote_port() -> int: ... @property def cert_encoded() -> bytes: ... @property def cert_subject() -> str: ... @property def cert_issuer() -> str: ... @property def status() -> str: ... @property def accept() -> bool: ... @accept.setter def accept(value) -> None: ... # In class SNMPAgent: @property def on_ssl_server_authentication() -> Callable[[SNMPAgentSSLServerAuthenticationEventParams], None]: ... @on_ssl_server_authentication.setter def on_ssl_server_authentication(event_hook: Callable[[SNMPAgentSSLServerAuthenticationEventParams], None]) -> None: ...
Remarks
This event is where the client can decide whether to continue with the connection process or not. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.
When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK"). If it is decided to continue, you can override and accept the certificate by setting the Accept parameter to True.
RemoteAddress is the IP address of the server.
RemotePort is the source port of the server.
CertEncoded is the base64 encoded certificate presented by the server.
CertSubject is the subject of the certificate presented by the server.
CertIssuer is the subject of the issuer of the certificate presented by the server.
Status is the stauts of the certificate.
Accept defines whether the certificate is accepted.
on_ssl_status Event
Shows the progress of the secure connection.
Syntax
class SNMPAgentSSLStatusEventParams(object): @property def remote_address() -> str: ... @property def remote_port() -> int: ... @property def message() -> str: ... # In class SNMPAgent: @property def on_ssl_status() -> Callable[[SNMPAgentSSLStatusEventParams], None]: ... @on_ssl_status.setter def on_ssl_status(event_hook: Callable[[SNMPAgentSSLStatusEventParams], None]) -> None: ...
Remarks
The event is fired for informational and logging purposes only. It is used to track the progress of the connection.
RemoteAddress is the IP address of the remote machine.
RemotePort is the port of the remote machine.
Message is the log message.
SNMPAgent Config Settings
The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.SNMPAgent Config Settings
0 (default) | Component operates normally for greatest compatibility. |
1 | Component uses SNMP4j-compatible encryption (AES192 and AES256). |
2 | Component automatically detects whether to use SNMP4j-compatible encryption (AES192 and AES256). Note: This option is only applicable when receiving packets. If you are using SNMPMgr or sending secure traps, you will need to select either 0 or 1. |
A valid port number (a value between 1 and 65535) is required. The default value is 162.
UDP Config Settings
The default value for this setting is False.
Note: This configuration setting is available only in Windows.
The default value is False.
Note: This configuration setting is available only in Windows.
In multihomed hosts (machines with more than one IP interface), setting LocalHost to the value of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface.
If the class is connected, the local_host setting shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).
Setting this to 0 (default) enables the system to choose a port at random. The chosen port will be shown by local_port after the connection is established.
local_port cannot be changed once a connection is made. Any attempt to set this when a connection is active will generate an error.
This configuration setting is useful when trying to connect to services that require a trusted port on the client side. An example is the remote shell (rsh) service in UNIX systems.
Note: This configuration setting uses the qWAVE API and is available only on Windows 7, Windows Server 2008 R2, and later.
Note: This configuration setting uses the qWAVE API and is available only on Windows Vista and Windows Server 2008 or above.
Note: QOSTrafficType must be set before setting active to True.
The default value for this setting is False.
Note: This configuration setting is available only in Windows and requires that the winpcap library be installed (or npcap with winpcap compatibility).
Note: This configuration setting is available only in Windows and requires that the winpcap library be installed (or npcap with winpcap compatibility).
The default value for this setting is False.
Socket Config Settings
Note: This option is not valid for User Datagram Protocol (UDP) ports.
Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the InBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.
Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the OutBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.
Base Config Settings
The following is a list of valid code page identifiers:
Identifier | Name |
037 | IBM EBCDIC - U.S./Canada |
437 | OEM - United States |
500 | IBM EBCDIC - International |
708 | Arabic - ASMO 708 |
709 | Arabic - ASMO 449+, BCON V4 |
710 | Arabic - Transparent Arabic |
720 | Arabic - Transparent ASMO |
737 | OEM - Greek (formerly 437G) |
775 | OEM - Baltic |
850 | OEM - Multilingual Latin I |
852 | OEM - Latin II |
855 | OEM - Cyrillic (primarily Russian) |
857 | OEM - Turkish |
858 | OEM - Multilingual Latin I + Euro symbol |
860 | OEM - Portuguese |
861 | OEM - Icelandic |
862 | OEM - Hebrew |
863 | OEM - Canadian-French |
864 | OEM - Arabic |
865 | OEM - Nordic |
866 | OEM - Russian |
869 | OEM - Modern Greek |
870 | IBM EBCDIC - Multilingual/ROECE (Latin-2) |
874 | ANSI/OEM - Thai (same as 28605, ISO 8859-15) |
875 | IBM EBCDIC - Modern Greek |
932 | ANSI/OEM - Japanese, Shift-JIS |
936 | ANSI/OEM - Simplified Chinese (PRC, Singapore) |
949 | ANSI/OEM - Korean (Unified Hangul Code) |
950 | ANSI/OEM - Traditional Chinese (Taiwan; Hong Kong SAR, PRC) |
1026 | IBM EBCDIC - Turkish (Latin-5) |
1047 | IBM EBCDIC - Latin 1/Open System |
1140 | IBM EBCDIC - U.S./Canada (037 + Euro symbol) |
1141 | IBM EBCDIC - Germany (20273 + Euro symbol) |
1142 | IBM EBCDIC - Denmark/Norway (20277 + Euro symbol) |
1143 | IBM EBCDIC - Finland/Sweden (20278 + Euro symbol) |
1144 | IBM EBCDIC - Italy (20280 + Euro symbol) |
1145 | IBM EBCDIC - Latin America/Spain (20284 + Euro symbol) |
1146 | IBM EBCDIC - United Kingdom (20285 + Euro symbol) |
1147 | IBM EBCDIC - France (20297 + Euro symbol) |
1148 | IBM EBCDIC - International (500 + Euro symbol) |
1149 | IBM EBCDIC - Icelandic (20871 + Euro symbol) |
1200 | Unicode UCS-2 Little-Endian (BMP of ISO 10646) |
1201 | Unicode UCS-2 Big-Endian |
1250 | ANSI - Central European |
1251 | ANSI - Cyrillic |
1252 | ANSI - Latin I |
1253 | ANSI - Greek |
1254 | ANSI - Turkish |
1255 | ANSI - Hebrew |
1256 | ANSI - Arabic |
1257 | ANSI - Baltic |
1258 | ANSI/OEM - Vietnamese |
1361 | Korean (Johab) |
10000 | MAC - Roman |
10001 | MAC - Japanese |
10002 | MAC - Traditional Chinese (Big5) |
10003 | MAC - Korean |
10004 | MAC - Arabic |
10005 | MAC - Hebrew |
10006 | MAC - Greek I |
10007 | MAC - Cyrillic |
10008 | MAC - Simplified Chinese (GB 2312) |
10010 | MAC - Romania |
10017 | MAC - Ukraine |
10021 | MAC - Thai |
10029 | MAC - Latin II |
10079 | MAC - Icelandic |
10081 | MAC - Turkish |
10082 | MAC - Croatia |
12000 | Unicode UCS-4 Little-Endian |
12001 | Unicode UCS-4 Big-Endian |
20000 | CNS - Taiwan |
20001 | TCA - Taiwan |
20002 | Eten - Taiwan |
20003 | IBM5550 - Taiwan |
20004 | TeleText - Taiwan |
20005 | Wang - Taiwan |
20105 | IA5 IRV International Alphabet No. 5 (7-bit) |
20106 | IA5 German (7-bit) |
20107 | IA5 Swedish (7-bit) |
20108 | IA5 Norwegian (7-bit) |
20127 | US-ASCII (7-bit) |
20261 | T.61 |
20269 | ISO 6937 Non-Spacing Accent |
20273 | IBM EBCDIC - Germany |
20277 | IBM EBCDIC - Denmark/Norway |
20278 | IBM EBCDIC - Finland/Sweden |
20280 | IBM EBCDIC - Italy |
20284 | IBM EBCDIC - Latin America/Spain |
20285 | IBM EBCDIC - United Kingdom |
20290 | IBM EBCDIC - Japanese Katakana Extended |
20297 | IBM EBCDIC - France |
20420 | IBM EBCDIC - Arabic |
20423 | IBM EBCDIC - Greek |
20424 | IBM EBCDIC - Hebrew |
20833 | IBM EBCDIC - Korean Extended |
20838 | IBM EBCDIC - Thai |
20866 | Russian - KOI8-R |
20871 | IBM EBCDIC - Icelandic |
20880 | IBM EBCDIC - Cyrillic (Russian) |
20905 | IBM EBCDIC - Turkish |
20924 | IBM EBCDIC - Latin-1/Open System (1047 + Euro symbol) |
20932 | JIS X 0208-1990 & 0121-1990 |
20936 | Simplified Chinese (GB2312) |
21025 | IBM EBCDIC - Cyrillic (Serbian, Bulgarian) |
21027 | Extended Alpha Lowercase |
21866 | Ukrainian (KOI8-U) |
28591 | ISO 8859-1 Latin I |
28592 | ISO 8859-2 Central Europe |
28593 | ISO 8859-3 Latin 3 |
28594 | ISO 8859-4 Baltic |
28595 | ISO 8859-5 Cyrillic |
28596 | ISO 8859-6 Arabic |
28597 | ISO 8859-7 Greek |
28598 | ISO 8859-8 Hebrew |
28599 | ISO 8859-9 Latin 5 |
28605 | ISO 8859-15 Latin 9 |
29001 | Europa 3 |
38598 | ISO 8859-8 Hebrew |
50220 | ISO 2022 Japanese with no halfwidth Katakana |
50221 | ISO 2022 Japanese with halfwidth Katakana |
50222 | ISO 2022 Japanese JIS X 0201-1989 |
50225 | ISO 2022 Korean |
50227 | ISO 2022 Simplified Chinese |
50229 | ISO 2022 Traditional Chinese |
50930 | Japanese (Katakana) Extended |
50931 | US/Canada and Japanese |
50933 | Korean Extended and Korean |
50935 | Simplified Chinese Extended and Simplified Chinese |
50936 | Simplified Chinese |
50937 | US/Canada and Traditional Chinese |
50939 | Japanese (Latin) Extended and Japanese |
51932 | EUC - Japanese |
51936 | EUC - Simplified Chinese |
51949 | EUC - Korean |
51950 | EUC - Traditional Chinese |
52936 | HZ-GB2312 Simplified Chinese |
54936 | Windows XP: GB18030 Simplified Chinese (4 Byte) |
57002 | ISCII Devanagari |
57003 | ISCII Bengali |
57004 | ISCII Tamil |
57005 | ISCII Telugu |
57006 | ISCII Assamese |
57007 | ISCII Oriya |
57008 | ISCII Kannada |
57009 | ISCII Malayalam |
57010 | ISCII Gujarati |
57011 | ISCII Punjabi |
65000 | Unicode UTF-7 |
65001 | Unicode UTF-8 |
Identifier | Name |
1 | ASCII |
2 | NEXTSTEP |
3 | JapaneseEUC |
4 | UTF8 |
5 | ISOLatin1 |
6 | Symbol |
7 | NonLossyASCII |
8 | ShiftJIS |
9 | ISOLatin2 |
10 | Unicode |
11 | WindowsCP1251 |
12 | WindowsCP1252 |
13 | WindowsCP1253 |
14 | WindowsCP1254 |
15 | WindowsCP1250 |
21 | ISO2022JP |
30 | MacOSRoman |
10 | UTF16String |
0x90000100 | UTF16BigEndian |
0x94000100 | UTF16LittleEndian |
0x8c000100 | UTF32String |
0x98000100 | UTF32BigEndian |
0x9c000100 | UTF32LittleEndian |
65536 | Proprietary |
- Product: The product the license is for.
- Product Key: The key the license was generated from.
- License Source: Where the license was found (e.g., RuntimeLicense, License File).
- License Type: The type of license installed (e.g., Royalty Free, Single Server).
- Last Valid Build: The last valid build number for which the license will work.
This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.
Setting this configuration setting to True tells the class to use the internal implementation instead of using the system security libraries.
On Windows, this setting is set to False by default. On Linux/macOS, this setting is set to True by default.
To use the system security libraries for Linux, OpenSSL support must be enabled. For more information on how to enable OpenSSL, please refer to the OpenSSL Notes section.
SNMPAgent Errors
SNMPAgent Errors
201 | Timeout. |
301 | Bad Object Index. |
302 | Value exceeds maximum number of objects allowed. |
303 | The value must be an IP address in dotted format. |
305 | Unsupported SNMP version. |
306 | Unknown PDU type. |
307 | The class is busy performing the current action. |
308 | Verification failed. |
309 | Missing password for Verification. |
310 | Missing signature. |
311 | Missing remote time. |
312 | Missing timeout value. |
313 | Decryption Failed. |
314 | Missing password for decryption. |
315 | Not encrypted. |
316 | Security model not supported. |
317 | Defective packet |
318 | Not from bound point. |
319 | Operation not permitted in current role. |
320 | Bad packet. |
321 | Message not authenticated. |
322 | No such oid. |
323 | Missing privacy parameter. |
324 | Bad engine id. |
325 | Bad time frame. |
326 | Bad user name. |
327 | Security level was not accepted. |
328 | Discovery failed. |
329 | Incorrect key length. |
330 | No authentication password supplied. |
The class may also return one of the following error codes, which are inherited from other classes.
UDP Errors
104 | UDP is already active. |
106 | You cannot change the local_port while the class is active. |
107 | You cannot change the local_host at this time. A connection is in progress. |
109 | The class must be active for this operation. |
112 | You cannot change MaxPacketSize while the class is active. |
113 | You cannot change ShareLocalPort option while the class is active. |
114 | You cannot change remote_host when UseConnection is set and the class active. |
115 | You cannot change remote_port when UseConnection is set and the class is active. |
116 | remote_port cannot be zero when UseConnection is set. Please specify a valid service port number. |
117 | You cannot change UseConnection while the class is active. |
118 | Message cannot be longer than MaxPacketSize. |
119 | Message too short. |
434 | Unable to convert string to selected CodePage. |
SSL Errors
270 | Cannot load specified security library. |
271 | Cannot open certificate store. |
272 | Cannot find specified certificate. |
273 | Cannot acquire security credentials. |
274 | Cannot find certificate chain. |
275 | Cannot verify certificate chain. |
276 | Error during handshake. |
280 | Error verifying certificate. |
281 | Could not find client certificate. |
282 | Could not find server certificate. |
283 | Error encrypting data. |
284 | Error decrypting data. |
TCP/IP Errors
10004 | [10004] Interrupted system call. |
10009 | [10009] Bad file number. |
10013 | [10013] Access denied. |
10014 | [10014] Bad address. |
10022 | [10022] Invalid argument. |
10024 | [10024] Too many open files. |
10035 | [10035] Operation would block. |
10036 | [10036] Operation now in progress. |
10037 | [10037] Operation already in progress. |
10038 | [10038] Socket operation on nonsocket. |
10039 | [10039] Destination address required. |
10040 | [10040] Message is too long. |
10041 | [10041] Protocol wrong type for socket. |
10042 | [10042] Bad protocol option. |
10043 | [10043] Protocol is not supported. |
10044 | [10044] Socket type is not supported. |
10045 | [10045] Operation is not supported on socket. |
10046 | [10046] Protocol family is not supported. |
10047 | [10047] Address family is not supported by protocol family. |
10048 | [10048] Address already in use. |
10049 | [10049] Cannot assign requested address. |
10050 | [10050] Network is down. |
10051 | [10051] Network is unreachable. |
10052 | [10052] Net dropped connection or reset. |
10053 | [10053] Software caused connection abort. |
10054 | [10054] Connection reset by peer. |
10055 | [10055] No buffer space available. |
10056 | [10056] Socket is already connected. |
10057 | [10057] Socket is not connected. |
10058 | [10058] Cannot send after socket shutdown. |
10059 | [10059] Too many references, cannot splice. |
10060 | [10060] Connection timed out. |
10061 | [10061] Connection refused. |
10062 | [10062] Too many levels of symbolic links. |
10063 | [10063] File name is too long. |
10064 | [10064] Host is down. |
10065 | [10065] No route to host. |
10066 | [10066] Directory is not empty |
10067 | [10067] Too many processes. |
10068 | [10068] Too many users. |
10069 | [10069] Disc Quota Exceeded. |
10070 | [10070] Stale NFS file handle. |
10071 | [10071] Too many levels of remote in path. |
10091 | [10091] Network subsystem is unavailable. |
10092 | [10092] WINSOCK DLL Version out of range. |
10093 | [10093] Winsock is not loaded yet. |
11001 | [11001] Host not found. |
11002 | [11002] Nonauthoritative 'Host not found' (try again or check DNS setup). |
11003 | [11003] Nonrecoverable errors: FORMERR, REFUSED, NOTIMP. |
11004 | [11004] Valid name, no data record (check DNS setup). |