SNMPTCPAgent Class

Properties   Methods   Events   Config Settings   Errors  

The SNMPTCPAgent class is used to implement TCP-based SNMP Agent Applications.

Syntax

class ipworkssnmp.SNMPTCPAgent

Remarks

The SNMPTCPAgent class implements a TCP-based standard SNMP Agent as specified in the SNMP RFCs. The class supports SNMP v1, v2c, and v3.

The class provides both encoding/decoding and transport capabilities, making the task of developing a custom SNMP agent as simple as setting a few key properties and handling a few events. SNMP data such as SNMP object id-s (OID-s) are exchanged as text strings, thus further simplifying the task of handling them.

The class is activated/deactivated by calling the activate or deactivate method. These methods enable or disable sending and receiving. The activation status can be found in the active property.

The class operates asynchronously. Requests are received through events such as on_get_request, on_get_bulk_request, on_get_next_request, etc. and the corresponding responses are automatically sent when the events return. Traps are sent through the send_trap method.

SNMPv3 USM security passwords are requested through the on_get_user_password event, and event parameters such as User and SecurityLevel provide information about the security attributes of received requests, and enable granular decision capability about what to provide and what not to provide. The send_secure_trap method is used to send authenticated (secure) SNMPv3 traps.

The add_user, remove_user, show_cache, and clear_cache methods are used to manage an internal authentication cache. This internal cache can be used as an alternative to the on_get_user_password event, automatically checking the cache against the security parameters provided in the request signature.

SNMP OIDs, types, and values are provided in the objects collection of SNMP objects for both sent and received packets.

Other packet information is provided through corresponding event parameters, such as Community, or RequestId.

Property List

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

Method List

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

Event List

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

Config Settings

The following is a list of config settings for the class with short descriptions. Click on the links for further details.

accept_data Property

Enables or disables data reception.

Syntax

def get_accept_data() -> bool: ...
def set_accept_data(value: bool) -> None: ...

accept_data = property(get_accept_data, set_accept_data)

Default Value

TRUE

Remarks

Setting the property to False temporarily disables data reception. Setting the property to True re-enables data reception.

active Property

Indicates whether the class is active.

Syntax

def get_active() -> bool: ...
def set_active(value: bool) -> None: ...

active = property(get_active, set_active)

Default Value

FALSE

Remarks

This property indicates whether the class is currently active and can send or receive data.

The class will be automatically activated if it is not already and you attempt to perform an operation which requires the class to be active.

Use the activate and deactivate methods to control whether the class is active.

local_engine_id Property

The Engine Id of the SNMP Agent.

Syntax

def get_local_engine_id() -> bytes: ...
def set_local_engine_id(value: bytes) -> None: ...

local_engine_id = property(get_local_engine_id, set_local_engine_id)

Default Value

""

Remarks

This property is only used for SNMPv3 packets (when snmp_version is 3).

local_host Property

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

Syntax

def get_local_host() -> str: ...
def set_local_host(value: str) -> None: ...

local_host = property(get_local_host, set_local_host)

Default Value

""

Remarks

This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.

If the class is connected, the local_host property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).

Note: local_host is not persistent. You must always set it in code, and never in the property window.

local_port Property

The port in the local host where the class listens.

Syntax

def get_local_port() -> int: ...
def set_local_port(value: int) -> None: ...

local_port = property(get_local_port, set_local_port)

Default Value

161

Remarks

The local_port property must be set before the class is activated (active is set to True). It instructs the class to bind to a specific port (or communication endpoint) in the local machine (default 161).

You may also set local_port to 0. This allows the TCP/IP stack to choose a port at random. The value chosen is provided via the local_port property after the class is activated through the active property.

local_port cannot be changed once the class is active. Any attempt to set the local_port property when the class is active will generate an error.

Note: on macOS and iOS, root permissions are required to set local_port to any value below 1024.

obj_count Property

The number of records in the Obj arrays.

Syntax

def get_obj_count() -> int: ...
def set_obj_count(value: int) -> None: ...

obj_count = property(get_obj_count, set_obj_count)

Default Value

0

Remarks

This property controls the size of the following arrays:

• obj_id
• obj_type
• obj_type_string
• obj_value

The array indices start at 0 and end at obj_count - 1.

obj_type Property

The current object's type.

Syntax

def get_obj_type(obj_index: int) -> int: ...
def set_obj_type(obj_index: int, value: int) -> None: ...

Default Value

5

Remarks

The current object's type. The default type is NULL (5).

The corresponding object id and value are specified by the obj_oid and obj_value properties.

Possible object type values include:

The class also supports the following artificial object values used to designate error conditions:

The obj_index parameter specifies the index of the item in the array. The size of the array is controlled by the obj_count property.

obj_id Property

The current object's id which is encoded as a string of numbers separated by periods.

Syntax

def get_obj_id(obj_index: int) -> str: ...
def set_obj_id(obj_index: int, value: str) -> None: ...

Default Value

""

Remarks

The current object's id which is encoded as a string of numbers separated by periods. For instance: "1.3.6.1.2.1.1.1.0" (OID for "system description").

The corresponding object type and value (if any) are specified by the object_type and obj_value properties.

Example

SNMPControl.ObjCount = 1 SNMPControl.ObjId(0) = "1.3.6.1.2.1.1.1.0"

The obj_index parameter specifies the index of the item in the array. The size of the array is controlled by the obj_count property.

obj_type_string Property

A string representation of the current object's ObjectType .

Syntax

def get_obj_type_string(obj_index: int) -> str: ...

Default Value

""

Remarks

A string representation of the current object's object_type.

The corresponding object id and value are specified by the obj_oid and obj_value properties.

The obj_index parameter specifies the index of the item in the array. The size of the array is controlled by the obj_count property.

This property is read-only.

obj_value Property

The current object's value.

Syntax

def get_obj_value(obj_index: int) -> bytes: ...
def set_obj_value(obj_index: int, value: bytes) -> None: ...

Default Value

""

Remarks

The current object's value. The corresponding object id and type are specified by the obj_oid and object_type properties.

Example

SNMPControl.ObjCount = 1 SNMPControl.ObjId(0) = "1.3.6.1.2.1.1.1.0" SNMPControl.ObjValue(0) = "New Value"

The obj_index parameter specifies the index of the item in the array. The size of the array is controlled by the obj_count property.

request_id Property

The request-id to mark outgoing packets with.

Syntax

def get_request_id() -> int: ...
def set_request_id(value: int) -> None: ...

request_id = property(get_request_id, set_request_id)

Default Value

1

Remarks

If a custom value is needed for request_id, the property must be set before sending the request. The class increments request_id automatically after sending each packet.

snmp_version Property

Version of SNMP used for outgoing requests (traps).

Syntax

def get_snmp_version() -> int: ...
def set_snmp_version(value: int) -> None: ...

snmp_version = property(get_snmp_version, set_snmp_version)

Default Value

2

Remarks

This property takes one of the following values:

ssl_accept_server_cert_effective_date Property

The date on which this certificate becomes valid.

Syntax

def get_ssl_accept_server_cert_effective_date() -> str: ...

ssl_accept_server_cert_effective_date = property(get_ssl_accept_server_cert_effective_date, None)

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

ssl_accept_server_cert_expiration_date Property

The date on which the certificate expires.

Syntax

def get_ssl_accept_server_cert_expiration_date() -> str: ...

ssl_accept_server_cert_expiration_date = property(get_ssl_accept_server_cert_expiration_date, None)

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

ssl_accept_server_cert_extended_key_usage Property

A comma-delimited list of extended key usage identifiers.

Syntax

def get_ssl_accept_server_cert_extended_key_usage() -> str: ...

ssl_accept_server_cert_extended_key_usage = property(get_ssl_accept_server_cert_extended_key_usage, None)

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

ssl_accept_server_cert_fingerprint Property

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

def get_ssl_accept_server_cert_fingerprint() -> str: ...

ssl_accept_server_cert_fingerprint = property(get_ssl_accept_server_cert_fingerprint, None)

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

ssl_accept_server_cert_fingerprint_sha1 Property

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

def get_ssl_accept_server_cert_fingerprint_sha1() -> str: ...

ssl_accept_server_cert_fingerprint_sha1 = property(get_ssl_accept_server_cert_fingerprint_sha1, None)

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

ssl_accept_server_cert_fingerprint_sha256 Property

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

def get_ssl_accept_server_cert_fingerprint_sha256() -> str: ...

ssl_accept_server_cert_fingerprint_sha256 = property(get_ssl_accept_server_cert_fingerprint_sha256, None)

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

ssl_accept_server_cert_issuer Property

The issuer of the certificate.

Syntax

def get_ssl_accept_server_cert_issuer() -> str: ...

ssl_accept_server_cert_issuer = property(get_ssl_accept_server_cert_issuer, None)

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

ssl_accept_server_cert_private_key Property

The private key of the certificate (if available).

Syntax

def get_ssl_accept_server_cert_private_key() -> str: ...

ssl_accept_server_cert_private_key = property(get_ssl_accept_server_cert_private_key, None)

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The ssl_accept_server_cert_private_key may be available but not exportable. In this case, ssl_accept_server_cert_private_key returns an empty string.

This property is read-only.

ssl_accept_server_cert_private_key_available Property

Whether a PrivateKey is available for the selected certificate.

Syntax

def get_ssl_accept_server_cert_private_key_available() -> bool: ...

ssl_accept_server_cert_private_key_available = property(get_ssl_accept_server_cert_private_key_available, None)

Default Value

FALSE

Remarks

Whether a ssl_accept_server_cert_private_key is available for the selected certificate. If ssl_accept_server_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

ssl_accept_server_cert_private_key_container Property

The name of the PrivateKey container for the certificate (if available).

Syntax

def get_ssl_accept_server_cert_private_key_container() -> str: ...

ssl_accept_server_cert_private_key_container = property(get_ssl_accept_server_cert_private_key_container, None)

Default Value

""

Remarks

The name of the ssl_accept_server_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

ssl_accept_server_cert_public_key Property

The public key of the certificate.

Syntax

def get_ssl_accept_server_cert_public_key() -> str: ...

ssl_accept_server_cert_public_key = property(get_ssl_accept_server_cert_public_key, None)

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

ssl_accept_server_cert_public_key_algorithm Property

The textual description of the certificate's public key algorithm.

Syntax

def get_ssl_accept_server_cert_public_key_algorithm() -> str: ...

ssl_accept_server_cert_public_key_algorithm = property(get_ssl_accept_server_cert_public_key_algorithm, None)

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_accept_server_cert_public_key_length Property

The length of the certificate's public key (in bits).

Syntax

def get_ssl_accept_server_cert_public_key_length() -> int: ...

ssl_accept_server_cert_public_key_length = property(get_ssl_accept_server_cert_public_key_length, None)

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

ssl_accept_server_cert_serial_number Property

The serial number of the certificate encoded as a string.

Syntax

def get_ssl_accept_server_cert_serial_number() -> str: ...

ssl_accept_server_cert_serial_number = property(get_ssl_accept_server_cert_serial_number, None)

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

ssl_accept_server_cert_signature_algorithm Property

The text description of the certificate's signature algorithm.

Syntax

def get_ssl_accept_server_cert_signature_algorithm() -> str: ...

ssl_accept_server_cert_signature_algorithm = property(get_ssl_accept_server_cert_signature_algorithm, None)

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_accept_server_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_ssl_accept_server_cert_store() -> bytes: ...
def set_ssl_accept_server_cert_store(value: bytes) -> None: ...

ssl_accept_server_cert_store = property(get_ssl_accept_server_cert_store, set_ssl_accept_server_cert_store)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The ssl_accept_server_cert_store_type property denotes the type of the certificate store specified by ssl_accept_server_cert_store. If the store is password-protected, specify the password in ssl_accept_server_cert_store_password.

ssl_accept_server_cert_store is used in conjunction with the ssl_accept_server_cert_subject property to specify client certificates. If ssl_accept_server_cert_store has a value, and ssl_accept_server_cert_subject or ssl_accept_server_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_accept_server_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

ssl_accept_server_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_ssl_accept_server_cert_store_password() -> str: ...
def set_ssl_accept_server_cert_store_password(value: str) -> None: ...

ssl_accept_server_cert_store_password = property(get_ssl_accept_server_cert_store_password, set_ssl_accept_server_cert_store_password)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

ssl_accept_server_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_ssl_accept_server_cert_store_type() -> int: ...
def set_ssl_accept_server_cert_store_type(value: int) -> None: ...

ssl_accept_server_cert_store_type = property(get_ssl_accept_server_cert_store_type, set_ssl_accept_server_cert_store_type)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

ssl_accept_server_cert_subject_alt_names Property

Comma-separated lists of alternative subject names for the certificate.

Syntax

def get_ssl_accept_server_cert_subject_alt_names() -> str: ...

ssl_accept_server_cert_subject_alt_names = property(get_ssl_accept_server_cert_subject_alt_names, None)

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

ssl_accept_server_cert_thumbprint_md5 Property

The MD5 hash of the certificate.

Syntax

def get_ssl_accept_server_cert_thumbprint_md5() -> str: ...

ssl_accept_server_cert_thumbprint_md5 = property(get_ssl_accept_server_cert_thumbprint_md5, None)

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_accept_server_cert_thumbprint_sha1 Property

The SHA-1 hash of the certificate.

Syntax

def get_ssl_accept_server_cert_thumbprint_sha1() -> str: ...

ssl_accept_server_cert_thumbprint_sha1 = property(get_ssl_accept_server_cert_thumbprint_sha1, None)

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_accept_server_cert_thumbprint_sha256 Property

The SHA-256 hash of the certificate.

Syntax

def get_ssl_accept_server_cert_thumbprint_sha256() -> str: ...

ssl_accept_server_cert_thumbprint_sha256 = property(get_ssl_accept_server_cert_thumbprint_sha256, None)

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_accept_server_cert_usage Property

The text description of UsageFlags .

Syntax

def get_ssl_accept_server_cert_usage() -> str: ...

ssl_accept_server_cert_usage = property(get_ssl_accept_server_cert_usage, None)

Default Value

""

Remarks

The text description of ssl_accept_server_cert_usage_flags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

ssl_accept_server_cert_usage_flags Property

The flags that show intended use for the certificate.

Syntax

def get_ssl_accept_server_cert_usage_flags() -> int: ...

ssl_accept_server_cert_usage_flags = property(get_ssl_accept_server_cert_usage_flags, None)

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of ssl_accept_server_cert_usage_flags is a combination of the following flags:

Please see the ssl_accept_server_cert_usage property for a text representation of ssl_accept_server_cert_usage_flags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

ssl_accept_server_cert_version Property

The certificate's version number.

Syntax

def get_ssl_accept_server_cert_version() -> str: ...

ssl_accept_server_cert_version = property(get_ssl_accept_server_cert_version, None)

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

ssl_accept_server_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_ssl_accept_server_cert_subject() -> str: ...
def set_ssl_accept_server_cert_subject(value: str) -> None: ...

ssl_accept_server_cert_subject = property(get_ssl_accept_server_cert_subject, set_ssl_accept_server_cert_subject)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

ssl_accept_server_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_ssl_accept_server_cert_encoded() -> bytes: ...
def set_ssl_accept_server_cert_encoded(value: bytes) -> None: ...

ssl_accept_server_cert_encoded = property(get_ssl_accept_server_cert_encoded, set_ssl_accept_server_cert_encoded)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_accept_server_cert_store and ssl_accept_server_cert_subject properties also may be used to specify a certificate.

When ssl_accept_server_cert_encoded is set, a search is initiated in the current ssl_accept_server_cert_store for the private key of the certificate. If the key is found, ssl_accept_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_accept_server_cert_subject is set to an empty string.

ssl_authenticate_clients Property

If set to True, the server asks the client(s) for a certificate.

Syntax

def get_ssl_authenticate_clients() -> bool: ...
def set_ssl_authenticate_clients(value: bool) -> None: ...

ssl_authenticate_clients = property(get_ssl_authenticate_clients, set_ssl_authenticate_clients)

Default Value

FALSE

Remarks

This property is used in conjunction with the on_ssl_client_authentication event. Please refer to the documentation of the on_ssl_client_authentication event for details.

ssl_cert_effective_date Property

The date on which this certificate becomes valid.

Syntax

def get_ssl_cert_effective_date() -> str: ...

ssl_cert_effective_date = property(get_ssl_cert_effective_date, None)

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

ssl_cert_expiration_date Property

The date on which the certificate expires.

Syntax

def get_ssl_cert_expiration_date() -> str: ...

ssl_cert_expiration_date = property(get_ssl_cert_expiration_date, None)

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

ssl_cert_extended_key_usage Property

A comma-delimited list of extended key usage identifiers.

Syntax

def get_ssl_cert_extended_key_usage() -> str: ...

ssl_cert_extended_key_usage = property(get_ssl_cert_extended_key_usage, None)

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

ssl_cert_fingerprint Property

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

def get_ssl_cert_fingerprint() -> str: ...

ssl_cert_fingerprint = property(get_ssl_cert_fingerprint, None)

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

ssl_cert_fingerprint_sha1 Property

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

def get_ssl_cert_fingerprint_sha1() -> str: ...

ssl_cert_fingerprint_sha1 = property(get_ssl_cert_fingerprint_sha1, None)

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

ssl_cert_fingerprint_sha256 Property

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

def get_ssl_cert_fingerprint_sha256() -> str: ...

ssl_cert_fingerprint_sha256 = property(get_ssl_cert_fingerprint_sha256, None)

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

ssl_cert_issuer Property

The issuer of the certificate.

Syntax

def get_ssl_cert_issuer() -> str: ...

ssl_cert_issuer = property(get_ssl_cert_issuer, None)

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

ssl_cert_private_key Property

The private key of the certificate (if available).

Syntax

def get_ssl_cert_private_key() -> str: ...

ssl_cert_private_key = property(get_ssl_cert_private_key, None)

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The ssl_cert_private_key may be available but not exportable. In this case, ssl_cert_private_key returns an empty string.

This property is read-only.

ssl_cert_private_key_available Property

Whether a PrivateKey is available for the selected certificate.

Syntax

def get_ssl_cert_private_key_available() -> bool: ...

ssl_cert_private_key_available = property(get_ssl_cert_private_key_available, None)

Default Value

FALSE

Remarks

Whether a ssl_cert_private_key is available for the selected certificate. If ssl_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

ssl_cert_private_key_container Property

The name of the PrivateKey container for the certificate (if available).

Syntax

def get_ssl_cert_private_key_container() -> str: ...

ssl_cert_private_key_container = property(get_ssl_cert_private_key_container, None)

Default Value

""

Remarks

The name of the ssl_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

ssl_cert_public_key Property

The public key of the certificate.

Syntax

def get_ssl_cert_public_key() -> str: ...

ssl_cert_public_key = property(get_ssl_cert_public_key, None)

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

ssl_cert_public_key_algorithm Property

The textual description of the certificate's public key algorithm.

Syntax

def get_ssl_cert_public_key_algorithm() -> str: ...

ssl_cert_public_key_algorithm = property(get_ssl_cert_public_key_algorithm, None)

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_cert_public_key_length Property

The length of the certificate's public key (in bits).

Syntax

def get_ssl_cert_public_key_length() -> int: ...

ssl_cert_public_key_length = property(get_ssl_cert_public_key_length, None)

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

ssl_cert_serial_number Property

The serial number of the certificate encoded as a string.

Syntax

def get_ssl_cert_serial_number() -> str: ...

ssl_cert_serial_number = property(get_ssl_cert_serial_number, None)

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

ssl_cert_signature_algorithm Property

The text description of the certificate's signature algorithm.

Syntax

def get_ssl_cert_signature_algorithm() -> str: ...

ssl_cert_signature_algorithm = property(get_ssl_cert_signature_algorithm, None)

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_ssl_cert_store() -> bytes: ...
def set_ssl_cert_store(value: bytes) -> None: ...

ssl_cert_store = property(get_ssl_cert_store, set_ssl_cert_store)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The ssl_cert_store_type property denotes the type of the certificate store specified by ssl_cert_store. If the store is password-protected, specify the password in ssl_cert_store_password.

ssl_cert_store is used in conjunction with the ssl_cert_subject property to specify client certificates. If ssl_cert_store has a value, and ssl_cert_subject or ssl_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

ssl_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_ssl_cert_store_password() -> str: ...
def set_ssl_cert_store_password(value: str) -> None: ...

ssl_cert_store_password = property(get_ssl_cert_store_password, set_ssl_cert_store_password)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

ssl_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_ssl_cert_store_type() -> int: ...
def set_ssl_cert_store_type(value: int) -> None: ...

ssl_cert_store_type = property(get_ssl_cert_store_type, set_ssl_cert_store_type)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

ssl_cert_subject_alt_names Property

Comma-separated lists of alternative subject names for the certificate.

Syntax

def get_ssl_cert_subject_alt_names() -> str: ...

ssl_cert_subject_alt_names = property(get_ssl_cert_subject_alt_names, None)

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

ssl_cert_thumbprint_md5 Property

The MD5 hash of the certificate.

Syntax

def get_ssl_cert_thumbprint_md5() -> str: ...

ssl_cert_thumbprint_md5 = property(get_ssl_cert_thumbprint_md5, None)

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_cert_thumbprint_sha1 Property

The SHA-1 hash of the certificate.

Syntax

def get_ssl_cert_thumbprint_sha1() -> str: ...

ssl_cert_thumbprint_sha1 = property(get_ssl_cert_thumbprint_sha1, None)

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_cert_thumbprint_sha256 Property

The SHA-256 hash of the certificate.

Syntax

def get_ssl_cert_thumbprint_sha256() -> str: ...

ssl_cert_thumbprint_sha256 = property(get_ssl_cert_thumbprint_sha256, None)

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_cert_usage Property

The text description of UsageFlags .

Syntax

def get_ssl_cert_usage() -> str: ...

ssl_cert_usage = property(get_ssl_cert_usage, None)

Default Value

""

Remarks

The text description of ssl_cert_usage_flags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

ssl_cert_usage_flags Property

The flags that show intended use for the certificate.

Syntax

def get_ssl_cert_usage_flags() -> int: ...

ssl_cert_usage_flags = property(get_ssl_cert_usage_flags, None)

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of ssl_cert_usage_flags is a combination of the following flags:

Please see the ssl_cert_usage property for a text representation of ssl_cert_usage_flags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

ssl_cert_version Property

The certificate's version number.

Syntax

def get_ssl_cert_version() -> str: ...

ssl_cert_version = property(get_ssl_cert_version, None)

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

ssl_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_ssl_cert_subject() -> str: ...
def set_ssl_cert_subject(value: str) -> None: ...

ssl_cert_subject = property(get_ssl_cert_subject, set_ssl_cert_subject)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

ssl_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_ssl_cert_encoded() -> bytes: ...
def set_ssl_cert_encoded(value: bytes) -> None: ...

ssl_cert_encoded = property(get_ssl_cert_encoded, set_ssl_cert_encoded)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_cert_store and ssl_cert_subject properties also may be used to specify a certificate.

When ssl_cert_encoded is set, a search is initiated in the current ssl_cert_store for the private key of the certificate. If the key is found, ssl_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_cert_subject is set to an empty string.

ssl_enabled Property

Whether TLS/SSL is enabled.

Syntax

def get_ssl_enabled() -> bool: ...
def set_ssl_enabled(value: bool) -> None: ...

ssl_enabled = property(get_ssl_enabled, set_ssl_enabled)

Default Value

FALSE

Remarks

This setting specifies whether TLS/SSL is enabled in the class. When False (default) the class operates in plaintext mode. When True TLS/SSL is enabled.

ssl_server_cert_effective_date Property

The date on which this certificate becomes valid.

Syntax

def get_ssl_server_cert_effective_date() -> str: ...

ssl_server_cert_effective_date = property(get_ssl_server_cert_effective_date, None)

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

ssl_server_cert_expiration_date Property

The date on which the certificate expires.

Syntax

def get_ssl_server_cert_expiration_date() -> str: ...

ssl_server_cert_expiration_date = property(get_ssl_server_cert_expiration_date, None)

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

ssl_server_cert_extended_key_usage Property

A comma-delimited list of extended key usage identifiers.

Syntax

def get_ssl_server_cert_extended_key_usage() -> str: ...

ssl_server_cert_extended_key_usage = property(get_ssl_server_cert_extended_key_usage, None)

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

ssl_server_cert_fingerprint Property

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

def get_ssl_server_cert_fingerprint() -> str: ...

ssl_server_cert_fingerprint = property(get_ssl_server_cert_fingerprint, None)

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

ssl_server_cert_fingerprint_sha1 Property

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

def get_ssl_server_cert_fingerprint_sha1() -> str: ...

ssl_server_cert_fingerprint_sha1 = property(get_ssl_server_cert_fingerprint_sha1, None)

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

ssl_server_cert_fingerprint_sha256 Property

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

def get_ssl_server_cert_fingerprint_sha256() -> str: ...

ssl_server_cert_fingerprint_sha256 = property(get_ssl_server_cert_fingerprint_sha256, None)

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

ssl_server_cert_issuer Property

The issuer of the certificate.

Syntax

def get_ssl_server_cert_issuer() -> str: ...

ssl_server_cert_issuer = property(get_ssl_server_cert_issuer, None)

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

ssl_server_cert_private_key Property

The private key of the certificate (if available).

Syntax

def get_ssl_server_cert_private_key() -> str: ...

ssl_server_cert_private_key = property(get_ssl_server_cert_private_key, None)

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The ssl_server_cert_private_key may be available but not exportable. In this case, ssl_server_cert_private_key returns an empty string.

This property is read-only.

ssl_server_cert_private_key_available Property

Whether a PrivateKey is available for the selected certificate.

Syntax

def get_ssl_server_cert_private_key_available() -> bool: ...

ssl_server_cert_private_key_available = property(get_ssl_server_cert_private_key_available, None)

Default Value

FALSE

Remarks

Whether a ssl_server_cert_private_key is available for the selected certificate. If ssl_server_cert_private_key_available is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

ssl_server_cert_private_key_container Property

The name of the PrivateKey container for the certificate (if available).

Syntax

def get_ssl_server_cert_private_key_container() -> str: ...

ssl_server_cert_private_key_container = property(get_ssl_server_cert_private_key_container, None)

Default Value

""

Remarks

The name of the ssl_server_cert_private_key container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

ssl_server_cert_public_key Property

The public key of the certificate.

Syntax

def get_ssl_server_cert_public_key() -> str: ...

ssl_server_cert_public_key = property(get_ssl_server_cert_public_key, None)

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

ssl_server_cert_public_key_algorithm Property

The textual description of the certificate's public key algorithm.

Syntax

def get_ssl_server_cert_public_key_algorithm() -> str: ...

ssl_server_cert_public_key_algorithm = property(get_ssl_server_cert_public_key_algorithm, None)

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_server_cert_public_key_length Property

The length of the certificate's public key (in bits).

Syntax

def get_ssl_server_cert_public_key_length() -> int: ...

ssl_server_cert_public_key_length = property(get_ssl_server_cert_public_key_length, None)

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

ssl_server_cert_serial_number Property

The serial number of the certificate encoded as a string.

Syntax

def get_ssl_server_cert_serial_number() -> str: ...

ssl_server_cert_serial_number = property(get_ssl_server_cert_serial_number, None)

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

ssl_server_cert_signature_algorithm Property

The text description of the certificate's signature algorithm.

Syntax

def get_ssl_server_cert_signature_algorithm() -> str: ...

ssl_server_cert_signature_algorithm = property(get_ssl_server_cert_signature_algorithm, None)

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

ssl_server_cert_store Property

The name of the certificate store for the client certificate.

Syntax

def get_ssl_server_cert_store() -> bytes: ...

ssl_server_cert_store = property(get_ssl_server_cert_store, None)

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The ssl_server_cert_store_type property denotes the type of the certificate store specified by ssl_server_cert_store. If the store is password-protected, specify the password in ssl_server_cert_store_password.

ssl_server_cert_store is used in conjunction with the ssl_server_cert_subject property to specify client certificates. If ssl_server_cert_store has a value, and ssl_server_cert_subject or ssl_server_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_server_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

This property is read-only.

ssl_server_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_ssl_server_cert_store_password() -> str: ...

ssl_server_cert_store_password = property(get_ssl_server_cert_store_password, None)

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

This property is read-only.

ssl_server_cert_store_type Property

The type of certificate store for this certificate.

Syntax

def get_ssl_server_cert_store_type() -> int: ...

ssl_server_cert_store_type = property(get_ssl_server_cert_store_type, None)

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

This property is read-only.

ssl_server_cert_subject_alt_names Property

Comma-separated lists of alternative subject names for the certificate.

Syntax

def get_ssl_server_cert_subject_alt_names() -> str: ...

ssl_server_cert_subject_alt_names = property(get_ssl_server_cert_subject_alt_names, None)

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

ssl_server_cert_thumbprint_md5 Property

The MD5 hash of the certificate.

Syntax

def get_ssl_server_cert_thumbprint_md5() -> str: ...

ssl_server_cert_thumbprint_md5 = property(get_ssl_server_cert_thumbprint_md5, None)

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_server_cert_thumbprint_sha1 Property

The SHA-1 hash of the certificate.

Syntax

def get_ssl_server_cert_thumbprint_sha1() -> str: ...

ssl_server_cert_thumbprint_sha1 = property(get_ssl_server_cert_thumbprint_sha1, None)

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_server_cert_thumbprint_sha256 Property

The SHA-256 hash of the certificate.

Syntax

def get_ssl_server_cert_thumbprint_sha256() -> str: ...

ssl_server_cert_thumbprint_sha256 = property(get_ssl_server_cert_thumbprint_sha256, None)

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

ssl_server_cert_usage Property

The text description of UsageFlags .

Syntax

def get_ssl_server_cert_usage() -> str: ...

ssl_server_cert_usage = property(get_ssl_server_cert_usage, None)

Default Value

""

Remarks

The text description of ssl_server_cert_usage_flags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

ssl_server_cert_usage_flags Property

The flags that show intended use for the certificate.

Syntax

def get_ssl_server_cert_usage_flags() -> int: ...

ssl_server_cert_usage_flags = property(get_ssl_server_cert_usage_flags, None)

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of ssl_server_cert_usage_flags is a combination of the following flags:

Please see the ssl_server_cert_usage property for a text representation of ssl_server_cert_usage_flags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

ssl_server_cert_version Property

The certificate's version number.

Syntax

def get_ssl_server_cert_version() -> str: ...

ssl_server_cert_version = property(get_ssl_server_cert_version, None)

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

ssl_server_cert_subject Property

The subject of the certificate used for client authentication.

Syntax

def get_ssl_server_cert_subject() -> str: ...

ssl_server_cert_subject = property(get_ssl_server_cert_subject, None)

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

This property is read-only.

ssl_server_cert_encoded Property

The certificate (PEM/Base64 encoded).

Syntax

def get_ssl_server_cert_encoded() -> bytes: ...

ssl_server_cert_encoded = property(get_ssl_server_cert_encoded, None)

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_server_cert_store and ssl_server_cert_subject properties also may be used to specify a certificate.

When ssl_server_cert_encoded is set, a search is initiated in the current ssl_server_cert_store for the private key of the certificate. If the key is found, ssl_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_server_cert_subject is set to an empty string.

This property is read-only.

sys_up_time Property

Time passed since the agent was initialized (in hundredths of a second).

Syntax

def get_sys_up_time() -> int: ...
def set_sys_up_time(value: int) -> None: ...

sys_up_time = property(get_sys_up_time, set_sys_up_time)

Default Value

0

Remarks

This property is used when sending SNMP traps, and it normally provides the time since the system was restarted in 1/100s of a second.

If another value is desired, you may set this property to a custom value. From that point on, sys_up_time will return the value set plus time elapsed.

activate Method

Activates the class.

Syntax

def activate() -> None: ...

Remarks

This method activates the component and will allow it to send or receive data.

The class will be automatically activated if it is not already and you attempt to perform an operation which requires the class to be active.

Note: Use the active property to check whether the component is active.

add_user Method

Adds a user to the internal authentication cache.

Syntax

def add_user(user: str, authentication_protocol: int, authentication_password: str, encryption_algorithm: int, encryption_password: str) -> None: ...

Remarks

The internal authentication cache can be used as an alternative to the on_get_user_password event, automatically checking the cache against the security parameters provided in the request signature.

The show_cache method is used to show the contents of the internal authentication cache.

The clear_cache method can be used to completely clear the cache.

Valid Authentication Protocols are:

Valid Encryption Algorithms are:

NOTE: Specifying an authentication protocol of 0 is a special case where the class will attempt to verify users with all valid authentication protocols.

clear_cache Method

Clears the internal authentication database.

Syntax

def clear_cache() -> None: ...

Remarks

All user records are removed from the internal authentication cache as a result of this call.

config Method

Sets or retrieves a configuration setting.

Syntax

def config(configuration_string: str) -> str: ...

Remarks

config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

deactivate Method

Deactivates the class.

Syntax

def deactivate() -> None: ...

Remarks

This method deactivates the component and will prohibit it from sending and receiving data.

Note: Use the active property to check whether the component is active.

do_events Method

This method processes events from the internal message queue.

Syntax

def do_events() -> None: ...

Remarks

When do_events is called, the class processes any available events. If no events are available, it waits for a preset period of time, and then returns.

hash_passwords Method

Hashes all passwords in the cache.

Syntax

def hash_passwords() -> None: ...

Remarks

Forces computation of all passwords hashes in the cache. Used together with the on_hash_password event to enable implementations of external password hash storage.

remove_user Method

Removes the user specified by User from the internal authentication cache.

Syntax

def remove_user(user: str) -> None: ...

Remarks

The internal authentication cache can be used as an alternative to the on_get_user_password event, automatically checking the cache against the security parameters provided in the request signature.

The show_cache method is used to show the contents of the internal authentication cache.

The clear_cache method can be used to completely clear the cache.

reset Method

Clears the object arrays.

Syntax

def reset() -> None: ...

Remarks

Clears the object arrays, and sets the trap and error properties to their default values. This is useful for reinitializing all the properties that are used to create outgoing packets before building a new packet.

Note: snmp_version will be reset to snmpverV2c (2).

send_response Method

Sends a response packet to a Get, Get-Next, Get-Bulk, or Set request.

Syntax

def send_response(remote_host: str, remote_port: int, request_id: int, community: str, error_status: int, error_index: int) -> None: ...

Remarks

Use this method to send asynchronous response packets. A valid RequestId must be specified. send_response sends an unauthenticated response packet. Depending upon the value of the snmp_version property, the packet is constructed as an SNMPv1, SNMPv2c, or SNMPv3 (unauthenticated) response PDU. To send authenticated or encrypted SNMPv3 responses, use send_secure_response

The RemoteHost and RemotePort parameters are used to determine where the response is to be sent. The object identifiers, types, and values for the request are taken from the objects collection. The RequestId, Community, ErrorStatus, and ErrorIndex parameters are used to specify other properties of the response.

send_secure_response Method

Sends an authenticated and/or encrypted SNMPv3 response.

Syntax

def send_secure_response(remote_host: str, remote_port: int, request_id: int, message_id: int, error_status: int, error_index: int, user: str, authentication_protocol: int, authentication_password: str, encryption_algorithm: int, encryption_password: str) -> None: ...

Remarks

Similar to the send_response method except that User, Authentication Protocol, and AuthenticationPassword are used to authenticate the response. EncryptionAlgorithm and EncryptionPassword (if not empty) are used to encrypt the response.

The MessageId argument must match the MessageId parameter obtained from the on_get_request, on_get_next_request, on_set_request, or on_get_bulk_request event.

The user and password arguments used to send the response will be added to the internal user cache. If the user is already in the cache, its passwords will be updated with those supplied.

Valid Authentication Protocols are:

Valid Encryption Algorithms are:

send_secure_trap Method

Sends an authenticated and/or encrypted SNMPv3 trap.

Syntax

def send_secure_trap(remote_host: str, trap_oid: str, user: str, authentication_protocol: int, authentication_password: str, encryption_algorithm: int, encryption_password: str) -> None: ...

Remarks

Similar to the send_trap method except that User, AuthenticationPassword, and Authentication Protocol are used to authenticate the trap. EncryptionPassword (if not empty) and EncryptionAlgorithm are used to encrypt the message.

The user and password arguments used to send the trap will be added to the internal user cache. If the user is already in the cache, its passwords will be updated with those supplied.

Valid Authentication Protocols are:

Valid Encryption Algorithms are:

send_trap Method

Sends an SNMP Trap.

Syntax

def send_trap(remote_host: str, trap_oid: str) -> None: ...

Remarks

Depending upon the value of the snmp_version property, the packet is constructed as an SNMPv1 or SNMPv2 Trap PDU. The following configuration settings provide more control about how traps are generated: TrapPort, TrapAgentAddress, TrapCommunity, TrapEnterprise. The sys_up_time property provides the trap timestamp.

send_trap sends an unauthenticated trap. The send_secure_trap method is used to send authenticated SNMPv3 traps.

If any values are provided in the objects collection, they are sent unchanged. In the case of an SNMPv2 or SNMPv3 Trap, if objects has a count that is equal to 0, the following values are set: sysUpTime.0 equal to sys_up_time and snmpTrapOID.0 equal to TrapOID.

For SNMPv2 and SNMPv3 Traps, TrapOID must contain the full OID of the Trap. For SNMPv1, TrapOID must be a string of the form "generic.specific" where generic and specific are numeric values providing the Trap Generic Type and Specific Type.

For SNMPv1, TrapOID must be of the form "GenericTrap.SpecificTrap". These values are sent in the PDU header. TrapAgentAddress and TrapEnterprise are taken from the corresponding configuration settings.

Additionally, the following symbolic values are recognized and translated as follows:

show_cache Method

Lists all entries in the internal user authentication cache.

Syntax

def show_cache() -> None: ...

Remarks

A on_cache_entry event is fired for every record in the internal user authentication cache.

The internal authentication cache can be used as an alternative to the on_get_user_password event, automatically checking the cache against the security parameters provided in the request signature.

The show_cache method is used to show the contents of the internal authentication cache.

The clear_cache method can be used to completely clear the cache.

value Method

Returns the value corresponding to an OID.

Syntax

def value(oid: str) -> str: ...

Remarks

If the OID does not exist in the objects collection, a trappable error is generated.

Please refer to the SNMPObject type for more information.

on_bad_packet Event

Fired for erroneous and/or malformed messages.

Syntax

class SNMPTCPAgentBadPacketEventParams(object):
  @property
  def packet() -> bytes: ...

  @property
  def source_address() -> str: ...

  @property
  def source_port() -> int: ...

  @property
  def error_code() -> int: ...

  @property
  def error_description() -> str: ...

  @property
  def report() -> bool: ...
  @report.setter
  def report(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_bad_packet() -> Callable[[SNMPTCPAgentBadPacketEventParams], None]: ...
@on_bad_packet.setter
def on_bad_packet(event_hook: Callable[[SNMPTCPAgentBadPacketEventParams], None]) -> None: ...

Remarks

The full message is provided in the Packet parameter.

The on_bad_packet event is also fired when authentication fails for received packets due to a bad password or other reasons.

If the Report parameter is set to True, an unauthenticated error report will be sent to the client, otherwise the packet will be silently ignored.

Please refer to the on_get_user_password event for more information concerning SNMPv3 authentication.

on_cache_entry Event

Shows in the internal cache.

Syntax

class SNMPTCPAgentCacheEntryEventParams(object):
  @property
  def user() -> str: ...

  @property
  def authentication_protocol() -> str: ...

  @property
  def authentication_password() -> str: ...

  @property
  def encryption_algorithm() -> str: ...

  @property
  def encryption_password() -> str: ...

# In class SNMPTCPAgent:
@property
def on_cache_entry() -> Callable[[SNMPTCPAgentCacheEntryEventParams], None]: ...
@on_cache_entry.setter
def on_cache_entry(event_hook: Callable[[SNMPTCPAgentCacheEntryEventParams], None]) -> None: ...

Remarks

on_cache_entry events are triggered by a call to show_cache. One event is fired for each user.

on_connected Event

Fired immediately after a connection completes (or fails).

Syntax

class SNMPTCPAgentConnectedEventParams(object):
  @property
  def remote_address() -> str: ...

  @property
  def remote_port() -> int: ...

  @property
  def status_code() -> int: ...

  @property
  def description() -> str: ...

# In class SNMPTCPAgent:
@property
def on_connected() -> Callable[[SNMPTCPAgentConnectedEventParams], None]: ...
@on_connected.setter
def on_connected(event_hook: Callable[[SNMPTCPAgentConnectedEventParams], None]) -> None: ...

Remarks

This event fires after a connection completes or fails.

StatusCode is the value returned by the system TCP/IP stack. This will be 0 if the connection was successful.

Description contains a human readable description of the status. This will be "OK" if the connection was successful.

RemoteAddress is the IP address of the remote host.

RemotePort is the port on the remote host.

on_connection_status Event

This event is fired to indicate changes in the connection state.

Syntax

class SNMPTCPAgentConnectionStatusEventParams(object):
  @property
  def connection_event() -> str: ...

  @property
  def status_code() -> int: ...

  @property
  def description() -> str: ...

# In class SNMPTCPAgent:
@property
def on_connection_status() -> Callable[[SNMPTCPAgentConnectionStatusEventParams], None]: ...
@on_connection_status.setter
def on_connection_status(event_hook: Callable[[SNMPTCPAgentConnectionStatusEventParams], None]) -> None: ...

Remarks

The on_connection_status event is fired when the connection state changes: for example, completion of a firewall or proxy connection or completion of a security handshake.

The ConnectionEvent parameter indicates the type of connection event. Values may include the following:

Description contains a description of this code. The value of StatusCode is equal to the value of the error.

on_disconnected Event

Fired when a connection is closed.

Syntax

class SNMPTCPAgentDisconnectedEventParams(object):
  @property
  def remote_address() -> str: ...

  @property
  def remote_port() -> int: ...

  @property
  def status_code() -> int: ...

  @property
  def description() -> str: ...

# In class SNMPTCPAgent:
@property
def on_disconnected() -> Callable[[SNMPTCPAgentDisconnectedEventParams], None]: ...
@on_disconnected.setter
def on_disconnected(event_hook: Callable[[SNMPTCPAgentDisconnectedEventParams], None]) -> None: ...

Remarks

This event fires after a connection is broken.

StatusCode is the value returned by the system TCP/IP stack. This will be 0 if the connection was broken normally.

Description contains a human readable description of the status. This will be "OK" if the connection was broken normally.

RemoteAddress is the IP address of the remote host.

RemotePort is the port on the remote host.

on_discovery_request Event

Fired when an SNMPv3 discovery packet is received.

Syntax

class SNMPTCPAgentDiscoveryRequestEventParams(object):
  @property
  def engine_id() -> bytes: ...

  @property
  def engine_boots() -> int: ...

  @property
  def engine_time() -> int: ...

  @property
  def user() -> str: ...

  @property
  def security_level() -> int: ...

  @property
  def source_address() -> str: ...

  @property
  def source_port() -> int: ...

  @property
  def respond() -> bool: ...
  @respond.setter
  def respond(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_discovery_request() -> Callable[[SNMPTCPAgentDiscoveryRequestEventParams], None]: ...
@on_discovery_request.setter
def on_discovery_request(event_hook: Callable[[SNMPTCPAgentDiscoveryRequestEventParams], None]) -> None: ...

Remarks

EngineId, EngineBoots, EngineTime, and User are the values received from SourceAddress.

For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.

The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.

Respond is True by default, and will automatically send a response using the value in local_engine_id. To suppress the response, set Respond to False.

The value returned to SourceAddress for EngineBoots is always 0, and EngineTime is the number of seconds since January 1st, 1970 (GMT).

on_error Event

Fired when information is available about errors during data delivery.

Syntax

class SNMPTCPAgentErrorEventParams(object):
  @property
  def error_code() -> int: ...

  @property
  def description() -> str: ...

# In class SNMPTCPAgent:
@property
def on_error() -> Callable[[SNMPTCPAgentErrorEventParams], None]: ...
@on_error.setter
def on_error(event_hook: Callable[[SNMPTCPAgentErrorEventParams], None]) -> None: ...

Remarks

The on_error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

on_get_bulk_request Event

Fired when a GetBulkRequest packet is received.

Syntax

class SNMPTCPAgentGetBulkRequestEventParams(object):
  @property
  def request_id() -> int: ...

  @property
  def message_id() -> int: ...

  @property
  def snmp_version() -> int: ...

  @property
  def community() -> str: ...

  @property
  def user() -> str: ...

  @property
  def security_level() -> int: ...

  @property
  def source_address() -> str: ...

  @property
  def source_port() -> int: ...

  @property
  def non_repeaters() -> int: ...

  @property
  def max_repetitions() -> int: ...

  @property
  def error_index() -> int: ...
  @error_index.setter
  def error_index(value) -> None: ...

  @property
  def error_status() -> int: ...
  @error_status.setter
  def error_status(value) -> None: ...

  @property
  def error_description() -> str: ...

  @property
  def respond() -> bool: ...
  @respond.setter
  def respond(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_get_bulk_request() -> Callable[[SNMPTCPAgentGetBulkRequestEventParams], None]: ...
@on_get_bulk_request.setter
def on_get_bulk_request(event_hook: Callable[[SNMPTCPAgentGetBulkRequestEventParams], None]) -> None: ...

Remarks

This is only available for SNMP versions 2 and 3.

The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.

The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.

The MessageId parameter identifies the received request.

For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.

The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.

To send a response, the Respond parameter must be set to true. By default, this value is false, which means no response will be sent. The ErrorStatus parameter may also be set to a valid SNMP status code (the default value is 0, which represents no error).

The following is a list of valid SNMP status code values:

Variable indexes start with 0. ErrorIndex has no meaning when ErrorStatus is 0 (no error).

A GetBulkRequest is very similar to a GetNextRequest, the difference is that Getbulk performs a continuous GetNext operation based on the MaxRepitions value. The NonRepeaters value will determine the number of objects for which a simple GetNext operation should be performed. For the remaining variables, a continuous GetNext operation is performed based on the MaxRepitions value.

So if you send a request containing X objects, the agent will perform N simple GetNext operations and M continuous GetNext operations X - N times. With X being the number of objects received, N being the number of NonRepeaters, and M being the number of MaxRepitions. Thus the SNMPMgr is expecting to receive N + M x (X - N) objects, assuming that each object has M successors.

on_get_next_request Event

Fired when a GetNextRequest packet is received.

Syntax

class SNMPTCPAgentGetNextRequestEventParams(object):
  @property
  def request_id() -> int: ...

  @property
  def message_id() -> int: ...

  @property
  def snmp_version() -> int: ...

  @property
  def community() -> str: ...

  @property
  def user() -> str: ...

  @property
  def security_level() -> int: ...

  @property
  def source_address() -> str: ...

  @property
  def source_port() -> int: ...

  @property
  def error_index() -> int: ...
  @error_index.setter
  def error_index(value) -> None: ...

  @property
  def error_status() -> int: ...
  @error_status.setter
  def error_status(value) -> None: ...

  @property
  def error_description() -> str: ...

  @property
  def respond() -> bool: ...
  @respond.setter
  def respond(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_get_next_request() -> Callable[[SNMPTCPAgentGetNextRequestEventParams], None]: ...
@on_get_next_request.setter
def on_get_next_request(event_hook: Callable[[SNMPTCPAgentGetNextRequestEventParams], None]) -> None: ...

Remarks

The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.

The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.

The MessageId parameter identifies the received request.

For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.

The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.

To send a response, the Respond parameter must be set to true. By default, this value is false, which means no response will be sent. The ErrorStatus parameter may also be set to a valid SNMP status code (the default value is 0, which represents no error).

The following is a list of valid SNMP status code values:

Variable indexes start with 0. ErrorIndex has no meaning when ErrorStatus is 0 (no error).

on_get_request Event

Fired when a GetRequest packet is received.

Syntax

class SNMPTCPAgentGetRequestEventParams(object):
  @property
  def request_id() -> int: ...

  @property
  def message_id() -> int: ...

  @property
  def snmp_version() -> int: ...

  @property
  def community() -> str: ...

  @property
  def user() -> str: ...

  @property
  def security_level() -> int: ...

  @property
  def source_address() -> str: ...

  @property
  def source_port() -> int: ...

  @property
  def error_index() -> int: ...
  @error_index.setter
  def error_index(value) -> None: ...

  @property
  def error_status() -> int: ...
  @error_status.setter
  def error_status(value) -> None: ...

  @property
  def error_description() -> str: ...

  @property
  def respond() -> bool: ...
  @respond.setter
  def respond(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_get_request() -> Callable[[SNMPTCPAgentGetRequestEventParams], None]: ...
@on_get_request.setter
def on_get_request(event_hook: Callable[[SNMPTCPAgentGetRequestEventParams], None]) -> None: ...

Remarks

The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.

The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.

The MessageId parameter identifies the received request.

For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.

The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.

To send a response, the Respond parameter must be set to true. By default, this value is false, which means no response will be sent. The ErrorStatus parameter may also be set to a valid SNMP status code (the default value is 0, which represents no error).

The following is a list of valid SNMP status code values:

Variable indexes start with 0. ErrorIndex has no meaning when ErrorStatus is 0 (no error).

on_get_user_password Event

Retrieves a password associated with a user.

Syntax

class SNMPTCPAgentGetUserPasswordEventParams(object):
  @property
  def password_type() -> int: ...

  @property
  def user() -> str: ...

  @property
  def password() -> str: ...
  @password.setter
  def password(value) -> None: ...

  @property
  def algorithm() -> int: ...
  @algorithm.setter
  def algorithm(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_get_user_password() -> Callable[[SNMPTCPAgentGetUserPasswordEventParams], None]: ...
@on_get_user_password.setter
def on_get_user_password(event_hook: Callable[[SNMPTCPAgentGetUserPasswordEventParams], None]) -> None: ...

Remarks

The on_get_user_password event is fired after initial inspection of SNMPv3 requests.

The type of password required is provided in the PasswordType parameter: 1 for authentication, and 2 for encryption (privacy).

The password corresponding to User (if any) must be provided in the Password parameter. If the password is valid, processing will continue to other events such as on_get_request, on_set_request, etc.

If the PasswordType parameter is 1 (authentication is used), the Algorithm parameter can be set. Possible values are:

If the password does not match the signature in the request, a on_bad_packet event will be fired, at which point you can decide whether to report the error to the client (see the description of the on_bad_packet event for more information).

If the User is invalid or unknown, set the password to empty string (default) to ignore the request. This will result in a on_bad_packet event being fired, at which point you can decide whether to report the error to the client or not.

on_get_user_security_level Event

Sets the security level for an incoming packet.

Syntax

class SNMPTCPAgentGetUserSecurityLevelEventParams(object):
  @property
  def user() -> str: ...

  @property
  def engine_id() -> bytes: ...

  @property
  def security_level() -> int: ...
  @security_level.setter
  def security_level(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_get_user_security_level() -> Callable[[SNMPTCPAgentGetUserSecurityLevelEventParams], None]: ...
@on_get_user_security_level.setter
def on_get_user_security_level(event_hook: Callable[[SNMPTCPAgentGetUserSecurityLevelEventParams], None]) -> None: ...

Remarks

The on_get_user_security_level event is fired after the first inspection of each SNMPv3 request. The SecurityLevel parameter determines the level of security for the message.

On entry, the SecurityLevel parameter contains the default security level for User if the user is located in the internal cache, or if the User is not found in the cache, the SecurityLevel will be -1.

The value of SecurityLevel upon exiting the event, determines how the message will be processed:

on_hash_password Event

Fired before and after a password is hashed.

Syntax

class SNMPTCPAgentHashPasswordEventParams(object):
  @property
  def password() -> str: ...

  @property
  def auth_algorithm() -> int: ...

  @property
  def hash() -> str: ...
  @hash.setter
  def hash(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_hash_password() -> Callable[[SNMPTCPAgentHashPasswordEventParams], None]: ...
@on_hash_password.setter
def on_hash_password(event_hook: Callable[[SNMPTCPAgentHashPasswordEventParams], None]) -> None: ...

Remarks

SNMPv3 passwords are hashed in order to obtain authentication and encryption keys. This is an expensive operation, and in certain situations it may be preferable to store the hashed passwords externally and supply them on demand.

If a hash is required, the event fires with an empty string in the Hash parameter. In this case, you can choose to supply a value for the hash and stop the class from computing the hash.

The event also fires every time a hash is computed. In this case, the Hash parameter contains the value of the computed hash.

AuthAlgorithm contains either 1 for HMAC-MD5-96, 2 for HMAC-SHA-96 or 3 for HMAC-192-SHA-256

on_packet_trace Event

Fired for every packet sent or received.

Syntax

class SNMPTCPAgentPacketTraceEventParams(object):
  @property
  def packet() -> bytes: ...

  @property
  def direction() -> int: ...

  @property
  def packet_address() -> str: ...

  @property
  def packet_port() -> int: ...

# In class SNMPTCPAgent:
@property
def on_packet_trace() -> Callable[[SNMPTCPAgentPacketTraceEventParams], None]: ...
@on_packet_trace.setter
def on_packet_trace(event_hook: Callable[[SNMPTCPAgentPacketTraceEventParams], None]) -> None: ...

Remarks

The on_packet_trace event shows all the packets sent or received by the class.

Packet contains the full contents of the datagram.

Direction shows the direction of the packet: 1 for incoming packets, and 2 for outgoing packets.

In the case of an incoming packet, PacketAddress and PacketPort identify the source of the packet.

In the case of an outgoing packet, PacketAddress and PacketPort identify the destination of the packet.

on_ready_to_send Event

Fired when the class is ready to send data.

Syntax

class SNMPTCPAgentReadyToSendEventParams(object):
# In class SNMPTCPAgent:
@property
def on_ready_to_send() -> Callable[[SNMPTCPAgentReadyToSendEventParams], None]: ...
@on_ready_to_send.setter
def on_ready_to_send(event_hook: Callable[[SNMPTCPAgentReadyToSendEventParams], None]) -> None: ...

Remarks

The on_ready_to_send event indicates that the underlying TCP/IP subsystem is ready to accept data after a failed DataToSend(TBD. DataToSend is removed).

on_report Event

Fired when a Report packet is received.

Syntax

class SNMPTCPAgentReportEventParams(object):
  @property
  def request_id() -> int: ...

  @property
  def snmp_version() -> int: ...

  @property
  def community() -> str: ...

  @property
  def user() -> str: ...

  @property
  def security_level() -> int: ...

  @property
  def source_address() -> str: ...

  @property
  def source_port() -> int: ...

  @property
  def error_index() -> int: ...

  @property
  def error_status() -> int: ...

  @property
  def error_description() -> str: ...

# In class SNMPTCPAgent:
@property
def on_report() -> Callable[[SNMPTCPAgentReportEventParams], None]: ...
@on_report.setter
def on_report(event_hook: Callable[[SNMPTCPAgentReportEventParams], None]) -> None: ...

Remarks

For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.

The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.

The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.

The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.

on_set_request Event

Fired when a SetRequest packet is received.

Syntax

class SNMPTCPAgentSetRequestEventParams(object):
  @property
  def request_id() -> int: ...

  @property
  def message_id() -> int: ...

  @property
  def snmp_version() -> int: ...

  @property
  def community() -> str: ...

  @property
  def user() -> str: ...

  @property
  def security_level() -> int: ...

  @property
  def source_address() -> str: ...

  @property
  def source_port() -> int: ...

  @property
  def error_index() -> int: ...
  @error_index.setter
  def error_index(value) -> None: ...

  @property
  def error_status() -> int: ...
  @error_status.setter
  def error_status(value) -> None: ...

  @property
  def error_description() -> str: ...

  @property
  def respond() -> bool: ...
  @respond.setter
  def respond(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_set_request() -> Callable[[SNMPTCPAgentSetRequestEventParams], None]: ...
@on_set_request.setter
def on_set_request(event_hook: Callable[[SNMPTCPAgentSetRequestEventParams], None]) -> None: ...

Remarks

The list of variables in the SNMP packet, including optional values and types, is provided through the objects collection. Each object is of type SNMPObject. This type describes the obj_id, obj_type, and obj_value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.

The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.

The MessageId parameter identifies the received request.

For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.

The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.

To send a response, the Respond parameter must be set to true. By default, this value is false, which means no response will be sent. The ErrorStatus parameter may also be set to a valid SNMP status code (the default value is 0, which represents no error).

The following is a list of valid SNMP status code values:

Variable indexes start with 0. ErrorIndex has no meaning when ErrorStatus is 0 (no error).

on_ssl_client_authentication Event

Fired when the client presents its credentials to the server.

Syntax

class SNMPTCPAgentSSLClientAuthenticationEventParams(object):
  @property
  def remote_address() -> str: ...

  @property
  def remote_port() -> int: ...

  @property
  def cert_encoded() -> bytes: ...

  @property
  def cert_subject() -> str: ...

  @property
  def cert_issuer() -> str: ...

  @property
  def status() -> str: ...

  @property
  def accept() -> bool: ...
  @accept.setter
  def accept(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_ssl_client_authentication() -> Callable[[SNMPTCPAgentSSLClientAuthenticationEventParams], None]: ...
@on_ssl_client_authentication.setter
def on_ssl_client_authentication(event_hook: Callable[[SNMPTCPAgentSSLClientAuthenticationEventParams], None]) -> None: ...

Remarks

This event fires when a client connects to the class and presents a certificate for authentication. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK").

RemoteAddress is the IP address of the connecting client.

RemotePort is the source port of the connecting client.

CertEncoded is the base64 encoded certificate presented by the client.

CertSubject is the subject of the certificate presented by the client.

CertIssuer is the subject of the issuer of the certificate presented by the client.

Status is the stauts of the certificate.

Accept defines whether the certificate is accepted.

on_ssl_server_authentication Event

Fires when connecting to the server.

Syntax

class SNMPTCPAgentSSLServerAuthenticationEventParams(object):
  @property
  def remote_address() -> str: ...

  @property
  def remote_port() -> int: ...

  @property
  def cert_encoded() -> bytes: ...

  @property
  def cert_subject() -> str: ...

  @property
  def cert_issuer() -> str: ...

  @property
  def status() -> str: ...

  @property
  def accept() -> bool: ...
  @accept.setter
  def accept(value) -> None: ...

# In class SNMPTCPAgent:
@property
def on_ssl_server_authentication() -> Callable[[SNMPTCPAgentSSLServerAuthenticationEventParams], None]: ...
@on_ssl_server_authentication.setter
def on_ssl_server_authentication(event_hook: Callable[[SNMPTCPAgentSSLServerAuthenticationEventParams], None]) -> None: ...

Remarks

This event is where the client can decide whether to continue with the connection process or not. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK"). If it is decided to continue, you can override and accept the certificate by setting the Accept parameter to True.

RemoteAddress is the IP address of the server.

RemotePort is the source port of the server.

CertEncoded is the base64 encoded certificate presented by the server.

CertSubject is the subject of the certificate presented by the server.

CertIssuer is the subject of the issuer of the certificate presented by the server.

Status is the stauts of the certificate.

Accept defines whether the certificate is accepted.

on_ssl_status Event

Shows the progress of the secure connection.

Syntax

class SNMPTCPAgentSSLStatusEventParams(object):
  @property
  def remote_address() -> str: ...

  @property
  def remote_port() -> int: ...

  @property
  def message() -> str: ...

# In class SNMPTCPAgent:
@property
def on_ssl_status() -> Callable[[SNMPTCPAgentSSLStatusEventParams], None]: ...
@on_ssl_status.setter
def on_ssl_status(event_hook: Callable[[SNMPTCPAgentSSLStatusEventParams], None]) -> None: ...

Remarks

The event is fired for informational and logging purposes only. It is used to track the progress of the connection.

RemoteAddress is the IP address of the remote machine.

RemotePort is the port of the remote machine.

Message is the log message.

SNMPTCPAgent Config Settings

SNMPTCPAgent Config Settings

TCPClient Config Settings

SSL Config Settings

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
... Intermediate Cert ...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
... Root Cert ...
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
... Intermediate Cert ...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
... Root Cert ...
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
... Intermediate Cert...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
... Root Cert...
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

Socket Config Settings

Base Config Settings

SNMPTCPAgent Errors

SNMPTCPAgent Errors

The class may also return one of the following error codes, which are inherited from other classes.

TCPClient Errors

SSL Errors

TCP/IP Errors