Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add server requiring client's cert in TLS handshake feature #1

Closed
wants to merge 1 commit into from

Conversation

starnight
Copy link
Owner

This patch adds server requiring client's certificate feature which is
mentioned in the 6th step CertificateRequest to 9th step
VerifyClientCertSig in Table 5 TLS Full Handshake Protocol of MODBUS/TCP
Security Protocol Specification 1,

This feature is implemented with an optional argument "reqclicert" of
StartTlsServer() in both sync and async_io. So, users can force server
require client's certificate, or according to the SSL Context's original
behavior 2.

This fixes part of pymodbus-dev#606

@starnight starnight force-pushed the T606 branch 12 times, most recently from a87d7ed to 87e7f42 Compare March 8, 2021 06:45
This patch adds server requiring client's certificate feature which is
mentioned in the 6th step CertificateRequest to 9th step
VerifyClientCertSig in Table 5 TLS Full Handshake Protocol of MODBUS/TCP
Security Protocol Specification [1],

This feature is implemented with an optional argument "reqclicert" of
StartTlsServer() in both sync and async_io. So, users can force server
require client's certificate, or according to the SSL Context's original
behavior [2].

[1]: http://modbus.org/docs/MB-TCP-Security-v21_2018-07-24.pdf
[2]: https://docs.python.org/3/library/ssl.html#ssl.SSLContext.verify_mode
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant