@@ -465,6 +465,8 @@ class Context:
465465 :type scheme: "https" or "http"
466466 :param verify: Enable (True) or disable (False) SSL verification for https connections.
467467 :type verify: ``Boolean``
468+ :param self_signed_certificate: Specifies if self signed certificate is used
469+ :type self_signed_certificate: ``Boolean``
468470 :param sharing: The sharing mode for the namespace (the default is "user").
469471 :type sharing: "global", "system", "app", or "user"
470472 :param owner: The owner context of the namespace (optional, the default is "None").
@@ -526,6 +528,7 @@ def __init__(self, handler=None, **kwargs):
526528 self .bearerToken = kwargs .get ("splunkToken" , "" )
527529 self .autologin = kwargs .get ("autologin" , False )
528530 self .additional_headers = kwargs .get ("headers" , [])
531+ self ._self_signed_certificate = kwargs .get ("self_signed_certificate" , True )
529532
530533 # Store any cookies in the self.http._cookies dict
531534 if "cookie" in kwargs and kwargs ['cookie' ] not in None , _NoAuthenticationToken ]:
@@ -604,7 +607,11 @@ def connect(self):
604607 """
605608 sock = socket .socket (socket .AF_INET , socket .SOCK_STREAM )
606609 if self .scheme == "https" :
607- sock = ssl .wrap_socket (sock )
610+ context = ssl .create_default_context ()
611+ context .options |= ssl .OP_NO_TLSv1 | ssl .OP_NO_TLSv1_1
612+ context .check_hostname = not self ._self_signed_certificate
613+ context .verify_mode = ssl .CERT_NONE if self ._self_signed_certificate else ssl .CERT_REQUIRED
614+ sock = context .wrap_socket (sock , server_hostname = self .host )
608615 sock .connect ((socket .gethostbyname (self .host ), self .port ))
609616 return sock
610617
0 commit comments