google.auth.transport.mtls module

Utilites for mutual TLS.

has_default_client_cert_source()[source]

Check if default client SSL credentials exists on the device.

Returns:indicating if the default client cert source exists.
Return type:bool
default_client_cert_source()[source]

Get a callback which returns the default client SSL credentials.

Returns:
A callback which returns the default
client certificate bytes and private key bytes, both in PEM format.
Return type:Callable [ , bytesbytes ]
Raises:google.auth.exceptions.DefaultClientCertSourceError – If the default client SSL credentials don’t exist or are malformed.
default_client_encrypted_cert_source(cert_path, key_path)[source]

Get a callback which returns the default encrpyted client SSL credentials.

Parameters:
  • cert_path (str) – The cert file path. The default client certificate will be written to this file when the returned callback is called.
  • key_path (str) – The key file path. The default encrypted client key will be written to this file when the returned callback is called.
Returns:

A callback which generates the default

client certificate, encrpyted private key and passphrase. It writes the certificate and private key into the cert_path and key_path, and returns the cert_path, key_path and passphrase bytes.

Return type:

Callable [ , strstrbytes ]

Raises:

google.auth.exceptions.DefaultClientCertSourceError – If any problem occurs when loading or saving the client certificate and key.