5.5.15.2. ForwardStartTLSEncryption methods

MethodDescription
__init__(self, client_certificate_generator, client_verify, server_verify, client_ssl_options, server_ssl_options) Initializes a ForwardStartTLSEncryption instance to handle scenarios when the client can optionally request STARTTLS encryption.

Table 5.48. Method summary

Method __init__(self, client_certificate_generator, client_verify, server_verify, client_ssl_options, server_ssl_options)
Initializes a ForwardStartTLSEncryption instance to handle scenarios when the client can optionally request STARTTLS encryption. If the client sends a STARTTLS request, the client-side connection will use STARTTLS, and Zorp will forward the request to the server. If the server supports STARTTLS, the server-side connection will also use STARTTLS.
Warning

If the client does not send a STARTTLS request, the communication will not be encrypted at all. Both the client-Zorp and the Zorp-server connections will be unencrypted.

Arguments of __init__
client_certificate_generator (class)
Default: n/a
The class that will generate the certificate Zorp shows to the client. You can use an instance of the StaticCertificate, DynamicCertificate, or SNIBasedCertificate classes.

client_ssl_options (class)
Default: ClientSSLOptions()
The protocol-level encryption settings used on the client side. This must be a ClientSSLOptions instance.

client_verify (class)
Default: ClientCertificateVerifierGroup()
The settings used to verify the certificate of the client. This must be a ClientCertificateVerifier instance.

server_ssl_options (class)
Default: ServerSSLOptions()
The protocol-level encryption settings used on the server side. This must be a ServerSSLOptions instance.

server_verify (class)
Default: ServerCertificateVerifierGroup()
The settings used to verify the certificate of the server. This must be a ServerCertificateVerifier instance.