Method | Description |
---|---|
__init__(self, trust_level, intermediate_revocation_check_type, leaf_revocation_check_type, trusted_certs_directory, verify_depth, verify_ca_directory, verify_crl_directory, check_subject) | Constructor to initialize a ServerCertificateVerifier instance. |
Table 5.56. Method summary
This constructor defines a ServerCertificateVerifier with the specified parameters.
check_subject (boolean) | |
---|---|
Default: TRUE | |
If the check_subject parameter is TRUE,
the Subject of the server-side certificate is compared
with application-layer information (for example, it checks
whether the Subject matches the hostname in the URL).
For details, see Section 3.2.5, Certificate verification options.
|
intermediate_revocation_check_type (enum) | |
---|---|
Default: TLS_INTERMEDIATE_REVOCATION_SOFT_FAIL | |
Specify how intermediate certificates revocation status check should work. |
leaf_revocation_check_type (enum) | |
---|---|
Default: TLS_LEAF_REVOCATION_SOFT_FAIL | |
Specify how leaf certificate revocation status check should work. |
trust_level (enum) | |
---|---|
Default: TLS_TRUST_LEVEL_FULL | |
Specify which certificate should be accepted as trusted. |
verify_ca_directory (string) | |
---|---|
Default: "" | |
Directory where the trusted CA certificates are stored. CA certificates are loaded on-demand from this directory when the certificate of the peer is verified. |
© 2021 BalaSys IT Security.
Send your comments to support@balasys.hu