CODEWITHSUNDEEP
python-3.7tls1.2
vijayvammi
vijayvammi

Reputation: 376

how to force TLSv1.2 in Python 3.7.4 and openssl 1.1.1?

I am working with an API that specifically accepts only TLS v1.2. The maximum and default version of TLS on my machine is 1.3, how to make it 1.2? Here is what I tried from looking around:

from requests.adapters import HTTPAdapter
from requests.packages.urllib3.poolmanager import PoolManager
import ssl

class MyAdapter(HTTPAdapter):
    def init_poolmanager(self, connections, maxsize, block=False):
        self.poolmanager = PoolManager(num_pools=connections,
                                       maxsize=maxsize,
                                       block=block,
                                       ssl_version=ssl.PROTOCOL_TLSv2)


import requests
s = requests.Session()
s.mount('https://', MyAdapter())


s.get('https://www.howsmyssl.com/a/check', verify=False).json()['tls_version']

'TLS 1.3'

Where am I going wrong?

Upvotes: 1

Views: 3266

Answers (1)

vijayvammi
vijayvammi

Reputation: 376

Never mind, after a bit of break and fresh eyes, was able to figure it out.

This link should help anyone with more specific requests.

https://lukasa.co.uk/2017/02/Configuring_TLS_With_Requests/

from requests.adapters import HTTPAdapter
from requests.packages.urllib3.poolmanager import PoolManager
import logging


class DESAdapter(HTTPAdapter):
    """
    A TransportAdapter that re-enables 3DES support in Requests.
    """
    def create_ssl_context(self):
        ctx = ssl.create_default_context()
        # disallow TLS_V1.3
        ctx.options |= ssl.OP_NO_TLSv1_3
        return ctx  
    def init_poolmanager(self, *args, **kwargs):
        print(' ----------- DESAdapter.init_poolmanager -------------- ')
        kwargs['ssl_context'] = self.create_ssl_context()
        return super(DESAdapter, self).init_poolmanager(*args, **kwargs)
    def proxy_manager_for(self, *args, **kwargs):
        print(' ----------- DESAdapter.proxy_manager_for -------------- ')
        kwargs['ssl_context'] = self.create_ssl_context()
        return super(DESAdapter, self).proxy_manager_for(*args, **kwargs)

import requests
s = requests.Session()
s.mount('https://', DESAdapter())

s.get('https://www.howsmyssl.com/a/check').json()['tls_version']

Upvotes: 2

Related Questions