twisted.test.test_sslverify.OpenSSLOptionsTests

class documentation

class OpenSSLOptionsTests(OpenSSLOptionsTestsMixin, TestCase): (source)

Tests for sslverify.OpenSSLOptions.

Method	`setUp`	Same as `OpenSSLOptionsTestsMixin.setUp`, but it also patches `sslverify._ChooseDiffieHellmanEllipticCurve`.
Method	`test_abbreviatingDistinguishedNames`	Check that abbreviations used in certificates correctly map to complete names.
Method	`test_acceptableCiphersAreAlwaysSet`	If the user doesn't supply custom acceptable ciphers, a shipped secure default is used. We can't check directly for it because the effective cipher string we set varies with platforms.
Method	`test_allowedAnonymousClientConnection`	Check that anonymous connections are allowed when certificates aren't required on the server.
Method	`test_basicSecurityOptionsAreSet`	Every context must have `OP_NO_SSLv2`, `OP_NO_COMPRESSION`, and `OP_CIPHER_SERVER_PREFERENCE` set.
Method	`test_certificateOptionsSerialization`	Test that __setstate__(__getstate__()) round-trips properly.
Method	`test_certificateOptionsSessionTickets`	Enabling session tickets should not set the OP_NO_TICKET option.
Method	`test_certificateOptionsSessionTicketsDisabled`	Enabling session tickets should set the OP_NO_TICKET option.
Method	`test_constructorAllowsCACertsWithoutVerify`	It's currently a NOP, but valid.
Method	`test_constructorDoesNotAllowExtraChainWithoutPrivateKey`	A `extraCertChain` without `privateKey` doesn't make sense and is thus rejected.
Method	`test_constructorDoesNotAllowExtraChainWithOutPrivateKey`	A `extraCertChain` without `certificate` doesn't make sense and is thus rejected.
Method	`test_constructorDoesNotAllowLegacyWithTrustRoot`	`verify`, `requireCertificate`, and `caCerts` must not be specified by the caller (to be any value, even the default!) when specifying `trustRoot`.
Method	`test_constructorDoesNotAllowVerifyWithoutCACerts`	`verify` must not be `True` without specifying `caCerts`.
Method	`test_constructorSetsExtraChain`	Setting `extraCertChain` works if `certificate` and `privateKey` are set along with it.
Method	`test_constructorWithCertificateAndPrivateKey`	Specifying `privateKey` and `certificate` initializes correctly.
Method	`test_constructorWithOnlyCertificate`	`privateKey` and `certificate` make only sense if both are set.
Method	`test_constructorWithOnlyPrivateKey`	`privateKey` and `certificate` make only sense if both are set.
Method	`test_constructorWithVerifyAndCACerts`	Specifying `verify` and `caCerts` initializes correctly.
Method	`test_dhParams`	If `dhParams` is set, they are loaded into each new context.
Method	`test_enablingAndDisablingSessions`	The enableSessions argument sets the session cache mode; it defaults to False (at least until https://twistedmatrix.com/trac/ticket/9764 can be resolved).
Method	`test_extraChainDoesNotBreakPyOpenSSL`	`extraCertChain` doesn't break `OpenSSL.SSL.Context` creation.
Method	`test_extraChainFilesAreAddedIfSupplied`	If `extraCertChain` is set and all prerequisites are met, the specified chain certificates are added to `Context`s that get created.
Method	`test_failedCertificateVerification`	Check that connecting with a certificate not accepted by the server CA fails.
Method	`test_givesMeaningfulErrorMessageIfNoCipherMatches`	If there is no valid cipher that matches the user's wishes, a `ValueError` is raised.
Method	`test_honorsAcceptableCiphersArgument`	If acceptable ciphers are passed, they are used.
Method	`test_inspectCertificate`	Test that the `inspect` method of `sslverify.Certificate` returns a human-readable string containing some basic information about the certificate.
Method	`test_methodIsDeprecated`	Passing `method` to `sslverify.OpenSSLCertificateOptions` is deprecated.
Method	`test_modeIsSet`	Every context must be in `MODE_RELEASE_BUFFERS` mode.
Method	`test_publicKeyMatching`	`PublicKey.matches` returns `True` for keys from certificates with the same key, and `False` for keys from certificates with different keys.
Method	`test_refusedAnonymousClientConnection`	Check that anonymous connections are refused when certificates are required on the server.
Method	`test_singleUseKeys`	If `singleUseKeys` is set, every context must have `OP_SINGLE_DH_USE` and `OP_SINGLE_ECDH_USE` set.
Method	`test_successfulCertificateVerification`	Test a successful connection with client certificate validation on server side.
Method	`test_successfulSymmetricSelfSignedCertificateVerification`	Test a successful connection with validation on both server and client sides.
Method	`test_tlsProtocolsAllModernTLS`	When calling `sslverify.OpenSSLCertificateOptions` with `insecurelyLowerMinimumTo` set to TLSv1.0 and `lowerMaximumSecurityTo` to TLSv1.2, it will exclude both SSLs and the (unreleased) TLSv1.3.
Method	`test_tlsProtocolsAllSecureTLS`	When calling `sslverify.OpenSSLCertificateOptions` with `insecurelyLowerMinimumTo` set to TLSv1.2, it will ignore all TLSs below 1.2 and SSL.
Method	`test_tlsProtocolsAtLeastAllSecureTLS`	When calling `sslverify.OpenSSLCertificateOptions` with `raiseMinimumTo` set to TLSv1.2, it will ignore all TLSs below 1.2 and SSL.
Method	`test_tlsProtocolsAtLeastWillAcceptHigherDefault`	When calling `sslverify.OpenSSLCertificateOptions` with `raiseMinimumTo` set to a value lower than Twisted's default will cause it to use the more secure default.
Method	`test_tlsProtocolsAtLeastWithMinimum`	Passing `insecurelyLowerMinimumTo` along with `raiseMinimumTo` to `sslverify.OpenSSLCertificateOptions` will cause it to raise an exception.
Method	`test_tlsProtocolsNoMethodWithAtLeast`	Passing `raiseMinimumTo` along with `method` to `sslverify.OpenSSLCertificateOptions` will cause it to raise an exception.
Method	`test_tlsProtocolsNoMethodWithMaximum`	Passing `lowerMaximumSecurityTo` along with `method` to `sslverify.OpenSSLCertificateOptions` will cause it to raise an exception.
Method	`test_tlsProtocolsNoMethodWithMinimum`	Passing `insecurelyLowerMinimumTo` along with `method` to `sslverify.OpenSSLCertificateOptions` will cause it to raise an exception.
Method	`test_tlsProtocolsreduceToMaxWithoutMin`	When calling `sslverify.OpenSSLCertificateOptions` with `lowerMaximumSecurityTo` but no `raiseMinimumTo` or `insecurelyLowerMinimumTo` set, and `lowerMaximumSecurityTo` is below the minimum default, the minimum will be made the new maximum.
Method	`test_tlsProtocolsSSLv3Only`	When calling `sslverify.OpenSSLCertificateOptions` with `insecurelyLowerMinimumTo` and `lowerMaximumSecurityTo` set to SSLv3, it will exclude all others.
Method	`test_tlsProtocolsTLSv1Point0Only`	When calling `sslverify.OpenSSLCertificateOptions` with `insecurelyLowerMinimumTo` and `lowerMaximumSecurityTo` set to v1.0, it will exclude all others.
Method	`test_tlsProtocolsTLSv1Point1Only`	When calling `sslverify.OpenSSLCertificateOptions` with `insecurelyLowerMinimumTo` and `lowerMaximumSecurityTo` set to v1.1, it will exclude all others.
Method	`test_tlsProtocolsTLSv1Point2Only`	When calling `sslverify.OpenSSLCertificateOptions` with `insecurelyLowerMinimumTo` and `lowerMaximumSecurityTo` set to v1.2, it will exclude all others.
Method	`test_tlsv12ByDefault`	`sslverify.OpenSSLCertificateOptions` will make the default minimum TLS version v1.2, if no `method`, or `insecurelyLowerMinimumTo` is given.
Method	`test_tlsVersionRangeInOrder`	Passing out of order TLS versions to `insecurelyLowerMinimumTo` and `lowerMaximumSecurityTo` will cause it to raise an exception.
Method	`test_tlsVersionRangeInOrderAtLeast`	Passing out of order TLS versions to `raiseMinimumTo` and `lowerMaximumSecurityTo` will cause it to raise an exception.
Method	`test_verification`	Check certificates verification building custom certificates data.
Method	`testInspectDistinguishedName`	Undocumented
Method	`testInspectDistinguishedNameWithoutAllFields`	Undocumented

Inherited from OpenSSLOptionsTestsMixin:

Method	`loopback`	Undocumented
Method	`tearDown`	Undocumented
Instance Variable	`caCert1`	Undocumented
Instance Variable	`caCert2`	Undocumented
Instance Variable	`caCerts`	Undocumented
Instance Variable	`cCert`	Undocumented
Instance Variable	`cKey`	Undocumented
Instance Variable	`clientConn`	Undocumented
Instance Variable	`extraCertChain`	Undocumented
Instance Variable	`onClientLost`	Undocumented
Instance Variable	`onServerLost`	Undocumented
Instance Variable	`sCert`	Undocumented
Instance Variable	`serverPort`	Undocumented
Instance Variable	`sKey`	Undocumented

Inherited from TestCase (via OpenSSLOptionsTestsMixin):

Method	`__call__`	Run the test. Should always do exactly the same thing as run().
Method	`__init__`	Construct an asynchronous test case for `methodName`.
Method	`addCleanup`	Extend the base cleanup feature with support for cleanup functions which return Deferreds.
Method	`assertFailure`	Fail if `deferred` does not errback with one of `expectedFailures`. Returns the original Deferred with callbacks added. You will need to return this Deferred from your test case.
Method	`deferRunCleanups`	Run any scheduled cleanups and report errors (if any) to the result. object.
Method	`deferSetUp`	Undocumented
Method	`deferTearDown`	Undocumented
Method	`deferTestMethod`	Undocumented
Method	`getSuppress`	Undocumented
Method	`getTimeout`	Returns the timeout value set on this test. Checks on the instance first, then the class, then the module, then packages. As soon as it finds something with a `timeout` attribute, returns that. Returns `util.DEFAULT_TIMEOUT_DURATION`...
Instance Variable	`timeout`	A real number of seconds. If set, the test will raise an error if it takes longer than `timeout` seconds. If not set, util.DEFAULT_TIMEOUT_DURATION is used.
Method	`_cbDeferTestMethod`	Undocumented
Method	`_classCleanUp`	Undocumented
Method	`_cleanUp`	Undocumented
Method	`_deprecateReactor`	Deprecate `iterate`, `crash` and `stop` on `reactor`. That is, each method is wrapped in a function that issues a deprecation warning, then calls the original.
Method	`_ebDeferSetUp`	Undocumented
Method	`_ebDeferTearDown`	Undocumented
Method	`_ebDeferTestMethod`	Undocumented
Method	`_makeReactorMethod`	Create a method which wraps the reactor method `name`. The new method issues a deprecation warning and calls the original.
Method	`_run`	Run a single method, either a test method or fixture.
Method	`_runFixturesAndTest`	Really run `setUp`, the test method, and `tearDown`. Any of these may return `defer.Deferred`s. After they complete, do some reactor cleanup.
Method	`_undeprecateReactor`	Restore the deprecated reactor methods. Undoes what `_deprecateReactor` did.
Method	`_wait`	Take a Deferred that only ever callbacks. Block until it happens.
Instance Variable	`_passed`	Undocumented
Instance Variable	`_reactorMethods`	Undocumented
Instance Variable	`_timedOut`	Undocumented

Inherited from SynchronousTestCase (via OpenSSLOptionsTestsMixin, TestCase):

Method	`__eq__`	Override the comparison defined by the base TestCase which considers instances of the same class with the same _testMethodName to be equal. Since trial puts TestCase instances into a set, that definition of comparison makes it impossible to run the same test method twice...
Method	`__hash__`	Undocumented
Method	`callDeprecated`	Call a function that should have been deprecated at a specific version and in favor of a specific alternative, and assert that it was thusly deprecated.
Method	`flushLoggedErrors`	Remove stored errors received from the log.
Method	`flushWarnings`	Remove stored warnings from the list of captured warnings and return them.
Method	`getDeprecatedModuleAttribute`	Retrieve a module attribute which should have been deprecated, and assert that we saw the appropriate deprecation warning.
Method	`getSkip`	Return the skip reason set on this test, if any is set. Checks on the instance first, then the class, then the module, then packages. As soon as it finds something with a `skip` attribute, returns that in a tuple (...
Method	`getTodo`	Return a `Todo` object if the test is marked todo. Checks on the instance first, then the class, then the module, then packages. As soon as it finds something with a `todo` attribute, returns that. Returns ...
Method	`mktemp`	Create a new path name which can be used for a new file or directory.
Method	`patch`	Monkey patch an object for the duration of the test.
Method	`run`	Run the test case, storing the results in `result`.
Method	`runTest`	If no `methodName` argument is passed to the constructor, `run` will treat this method as the thing with the actual test inside.
Method	`shortDescription`	Undocumented
Instance Variable	`failureException`	An exception class, defaulting to `FailTest`. If the test method raises this exception, it will be reported as a failure, rather than an exception. All of the assertion methods raise this if the assertion fails.
Instance Variable	`skip`	`None` or a string explaining why this test is to be skipped. If defined, the test will not be run. Instead, it will be reported to the result object as 'skipped' (if the `TestResult` supports skipping).
Instance Variable	`suppress`	`None` or a list of tuples of `(args, kwargs)` to be passed to `warnings.filterwarnings`. Use these to suppress warnings raised in a test. Useful for testing deprecated code. See also `util.suppress`.
Instance Variable	`todo`	`None`, a string or a tuple of `(errors, reason)` where `errors` is either an exception class or an iterable of exception classes, and `reason` is a string. See `Todo` or `makeTodo` for more information.
Method	`_getSkipReason`	Return the reason to use for skipping a test method.
Method	`_getSuppress`	Returns any warning suppressions set for this test. Checks on the instance first, then the class, then the module, then packages. As soon as it finds something with a `suppress` attribute, returns that. ...
Method	`_installObserver`	Undocumented
Method	`_removeObserver`	Undocumented
Method	`_runCleanups`	Synchronously run any cleanups which have been added.
Instance Variable	`_cleanups`	Undocumented
Instance Variable	`_observer`	Undocumented
Instance Variable	`_parents`	Undocumented
Instance Variable	`_testMethodName`	Undocumented
Instance Variable	`_warnings`	Undocumented

Inherited from _Assertions (via OpenSSLOptionsTestsMixin, TestCase, SynchronousTestCase):

Method	`assertAlmostEqual`	Fail if the two objects are unequal as determined by their difference rounded to the given number of decimal places (default 7) and comparing to zero.
Method	`assertApproximates`	Fail if `first` - `second` > `tolerance`
Method	`assertEqual`	Fail the test if `first` and `second` are not equal.
Method	`assertFalse`	Fail the test if `condition` evaluates to True.
Method	`assertIn`	Fail the test if `containee` is not found in `container`.
Method	`assertIs`	Fail the test if `first` is not `second`. This is an obect-identity-equality test, not an object equality (i.e. `__eq__`) test.
Method	`assertIsInstance`	Fail if `instance` is not an instance of the given class or of one of the given classes.
Method	`assertIsNot`	Fail the test if `first` is `second`. This is an obect-identity-equality test, not an object equality (i.e. `__eq__`) test.
Method	`assertNoResult`	Assert that `deferred` does not have a result at this point.
Method	`assertNotAlmostEqual`	Fail if the two objects are equal as determined by their difference rounded to the given number of decimal places (default 7) and comparing to zero.
Method	`assertNotEqual`	Fail the test if `first` == `second`.
Method	`assertNotIn`	Fail the test if `containee` is found in `container`.
Method	`assertNotIsInstance`	Fail if `instance` is an instance of the given class or of one of the given classes.
Method	`assertNotSubstring`	Fail if `astring` contains `substring`.
Method	`assertRaises`	Fail the test unless calling the function `f` with the given `args` and `kwargs` raises `exception`. The failure will report the traceback and call stack of the unexpected exception.
Method	`assertSubstring`	Fail if `substring` does not exist within `astring`.
Method	`assertTrue`	Fail the test if `condition` evaluates to False.
Method	`assertWarns`	Fail if the given function doesn't generate the specified warning when called. It calls the function, checks the warning, and forwards the result of the function if everything is fine.
Method	`fail`	Absolutely fail the test. Do not pass go, do not collect $200.
Method	`failureResultOf`	Return the current failure result of `deferred` or raise `self.failureException`.
Method	`successResultOf`	Return the current success result of `deferred` or raise `self.failureException`.

def setUp(self): (source) ¶

overrides twisted.test.test_sslverify.OpenSSLOptionsTestsMixin.setUp

Same as OpenSSLOptionsTestsMixin.setUp, but it also patches sslverify._ChooseDiffieHellmanEllipticCurve.

def test_abbreviatingDistinguishedNames(self): (source) ¶

Check that abbreviations used in certificates correctly map to complete names.

def test_acceptableCiphersAreAlwaysSet(self): (source) ¶

If the user doesn't supply custom acceptable ciphers, a shipped secure default is used. We can't check directly for it because the effective cipher string we set varies with platforms.

def test_allowedAnonymousClientConnection(self): (source) ¶

Check that anonymous connections are allowed when certificates aren't required on the server.

def test_basicSecurityOptionsAreSet(self): (source) ¶

Every context must have OP_NO_SSLv2, OP_NO_COMPRESSION, and OP_CIPHER_SERVER_PREFERENCE set.

def test_certificateOptionsSerialization(self): (source) ¶

Test that __setstate__(__getstate__()) round-trips properly.

def test_certificateOptionsSessionTickets(self): (source) ¶

Enabling session tickets should not set the OP_NO_TICKET option.

def test_certificateOptionsSessionTicketsDisabled(self): (source) ¶

Enabling session tickets should set the OP_NO_TICKET option.

def test_constructorAllowsCACertsWithoutVerify(self): (source) ¶

It's currently a NOP, but valid.

def test_constructorDoesNotAllowExtraChainWithoutPrivateKey(self): (source) ¶

A extraCertChain without privateKey doesn't make sense and is thus rejected.

def test_constructorDoesNotAllowExtraChainWithOutPrivateKey(self): (source) ¶

A extraCertChain without certificate doesn't make sense and is thus rejected.

def test_constructorDoesNotAllowLegacyWithTrustRoot(self): (source) ¶

verify, requireCertificate, and caCerts must not be specified by the caller (to be any value, even the default!) when specifying trustRoot.

def test_constructorDoesNotAllowVerifyWithoutCACerts(self): (source) ¶

verify must not be True without specifying caCerts.

def test_constructorSetsExtraChain(self): (source) ¶

Setting extraCertChain works if certificate and privateKey are set along with it.

def test_constructorWithCertificateAndPrivateKey(self): (source) ¶

Specifying privateKey and certificate initializes correctly.

def test_constructorWithOnlyCertificate(self): (source) ¶

privateKey and certificate make only sense if both are set.

def test_constructorWithOnlyPrivateKey(self): (source) ¶

privateKey and certificate make only sense if both are set.

def test_constructorWithVerifyAndCACerts(self): (source) ¶

Specifying verify and caCerts initializes correctly.

def test_dhParams(self): (source) ¶

If dhParams is set, they are loaded into each new context.

def test_enablingAndDisablingSessions(self): (source) ¶

The enableSessions argument sets the session cache mode; it defaults to False (at least until https://twistedmatrix.com/trac/ticket/9764 can be resolved).

def test_extraChainDoesNotBreakPyOpenSSL(self): (source) ¶

extraCertChain doesn't break OpenSSL.SSL.Context creation.

def test_extraChainFilesAreAddedIfSupplied(self): (source) ¶

If extraCertChain is set and all prerequisites are met, the specified chain certificates are added to Contexts that get created.

def test_failedCertificateVerification(self): (source) ¶

Check that connecting with a certificate not accepted by the server CA fails.

def test_givesMeaningfulErrorMessageIfNoCipherMatches(self): (source) ¶

If there is no valid cipher that matches the user's wishes, a ValueError is raised.

def test_honorsAcceptableCiphersArgument(self): (source) ¶

If acceptable ciphers are passed, they are used.

def test_inspectCertificate(self): (source) ¶

Test that the inspect method of sslverify.Certificate returns a human-readable string containing some basic information about the certificate.

def test_methodIsDeprecated(self): (source) ¶

Passing method to sslverify.OpenSSLCertificateOptions is deprecated.

def test_modeIsSet(self): (source) ¶

Every context must be in MODE_RELEASE_BUFFERS mode.

def test_publicKeyMatching(self): (source) ¶

PublicKey.matches returns True for keys from certificates with the same key, and False for keys from certificates with different keys.

def test_refusedAnonymousClientConnection(self): (source) ¶

Check that anonymous connections are refused when certificates are required on the server.

def test_singleUseKeys(self): (source) ¶

If singleUseKeys is set, every context must have OP_SINGLE_DH_USE and OP_SINGLE_ECDH_USE set.

def test_successfulCertificateVerification(self): (source) ¶

Test a successful connection with client certificate validation on server side.

def test_successfulSymmetricSelfSignedCertificateVerification(self): (source) ¶

Test a successful connection with validation on both server and client sides.

def test_tlsProtocolsAllModernTLS(self): (source) ¶

When calling sslverify.OpenSSLCertificateOptions with insecurelyLowerMinimumTo set to TLSv1.0 and lowerMaximumSecurityTo to TLSv1.2, it will exclude both SSLs and the (unreleased) TLSv1.3.

def test_tlsProtocolsAllSecureTLS(self): (source) ¶

When calling sslverify.OpenSSLCertificateOptions with insecurelyLowerMinimumTo set to TLSv1.2, it will ignore all TLSs below 1.2 and SSL.

def test_tlsProtocolsAtLeastAllSecureTLS(self): (source) ¶

When calling sslverify.OpenSSLCertificateOptions with raiseMinimumTo set to TLSv1.2, it will ignore all TLSs below 1.2 and SSL.

def test_tlsProtocolsAtLeastWillAcceptHigherDefault(self): (source) ¶

When calling sslverify.OpenSSLCertificateOptions with raiseMinimumTo set to a value lower than Twisted's default will cause it to use the more secure default.

def test_tlsProtocolsAtLeastWithMinimum(self): (source) ¶

Passing insecurelyLowerMinimumTo along with raiseMinimumTo to sslverify.OpenSSLCertificateOptions will cause it to raise an exception.

def test_tlsProtocolsNoMethodWithAtLeast(self): (source) ¶

Passing raiseMinimumTo along with method to sslverify.OpenSSLCertificateOptions will cause it to raise an exception.

def test_tlsProtocolsNoMethodWithMaximum(self): (source) ¶

Passing lowerMaximumSecurityTo along with method to sslverify.OpenSSLCertificateOptions will cause it to raise an exception.

def test_tlsProtocolsNoMethodWithMinimum(self): (source) ¶

Passing insecurelyLowerMinimumTo along with method to sslverify.OpenSSLCertificateOptions will cause it to raise an exception.

def test_tlsProtocolsreduceToMaxWithoutMin(self): (source) ¶

When calling sslverify.OpenSSLCertificateOptions with lowerMaximumSecurityTo but no raiseMinimumTo or insecurelyLowerMinimumTo set, and lowerMaximumSecurityTo is below the minimum default, the minimum will be made the new maximum.

def test_tlsProtocolsSSLv3Only(self): (source) ¶

When calling sslverify.OpenSSLCertificateOptions with insecurelyLowerMinimumTo and lowerMaximumSecurityTo set to SSLv3, it will exclude all others.

def test_tlsProtocolsTLSv1Point0Only(self): (source) ¶

When calling sslverify.OpenSSLCertificateOptions with insecurelyLowerMinimumTo and lowerMaximumSecurityTo set to v1.0, it will exclude all others.

def test_tlsProtocolsTLSv1Point1Only(self): (source) ¶

When calling sslverify.OpenSSLCertificateOptions with insecurelyLowerMinimumTo and lowerMaximumSecurityTo set to v1.1, it will exclude all others.

def test_tlsProtocolsTLSv1Point2Only(self): (source) ¶

When calling sslverify.OpenSSLCertificateOptions with insecurelyLowerMinimumTo and lowerMaximumSecurityTo set to v1.2, it will exclude all others.

def test_tlsv12ByDefault(self): (source) ¶

sslverify.OpenSSLCertificateOptions will make the default minimum TLS version v1.2, if no method, or insecurelyLowerMinimumTo is given.

def test_tlsVersionRangeInOrder(self): (source) ¶

Passing out of order TLS versions to insecurelyLowerMinimumTo and lowerMaximumSecurityTo will cause it to raise an exception.

def test_tlsVersionRangeInOrderAtLeast(self): (source) ¶

Passing out of order TLS versions to raiseMinimumTo and lowerMaximumSecurityTo will cause it to raise an exception.

def test_verification(self): (source) ¶

Check certificates verification building custom certificates data.

def testInspectDistinguishedName(self): (source) ¶

Undocumented

def testInspectDistinguishedNameWithoutAllFields(self): (source) ¶

Undocumented