google.auth.transport.mtls module¶
Utilites for mutual TLS.
- has_default_client_cert_source()[source]¶
Check if default client SSL credentials exists on the device.
- Returns:
indicating if the default client cert source exists.
- Return type:
- default_client_cert_source()[source]¶
Get a callback which returns the default client SSL credentials.
- default_client_encrypted_cert_source(cert_path, key_path)[source]¶
Get a callback which returns the default encrpyted client SSL credentials.
- Parameters:
- Returns:
- A callback which generates the default
client certificate, encrpyted private key and passphrase. It writes the certificate and private key into the cert_path and key_path, and returns the cert_path, key_path and passphrase bytes.
- Return type:
- Raises:
google.auth.exceptions.DefaultClientCertSourceError – If any problem occurs when loading or saving the client certificate and key.
- should_use_client_cert()[source]¶
Returns boolean for whether the client certificate should be used for mTLS.
This is a wrapper around _mtls_helper.check_use_client_cert(). If GOOGLE_API_USE_CLIENT_CERTIFICATE is set to true or false, a corresponding bool value will be returned If GOOGLE_API_USE_CLIENT_CERTIFICATE is unset, the value will be inferred by reading a file pointed at by GOOGLE_API_CERTIFICATE_CONFIG, and verifying it contains a “workload” section. If so, the function will return True, otherwise False.
- Returns:
indicating whether the client certificate should be used for mTLS.
- Return type:
