TlsBuilder¶

class aerospike_sdk.aio.tls_builder.TlsBuilder[source]¶

Bases: object

Builder class for configuring TLS settings for Aerospike cluster connections.

This class provides a SDK API for configuring TLS parameters such as TLS name, CA file, protocols, ciphers, and other TLS-specific options.

Simple example usage:

cluster = ClusterDefinition("localhost", 3100)                .with_tls_config_of()                    .tls_name("myTlsName")                    .ca_file("myCaFile")                .done()                .with_native_credentials("myUser", "password")

__init__(parent)[source]¶

Initialize a TlsBuilder.

Parameters:: parent (ClusterDefinition) – The parent ClusterDefinition

tls_name(tls_name)[source]¶

Sets the TLS name for server certificate validation and hostname verification.

This TLS name will be applied to all Host objects that don’t already have a TLS name set. The TLS name is used for: - Certificate validation: Verifies the server certificate matches this name - SNI (Server Name Indication): Tells the server which certificate to present - Hostname override: Allows validation against a different name than the connection address

Parameters:: tls_name (str) – The TLS name for certificate validation and hostname verification
Return type:: TlsBuilder
Returns:: This TlsBuilder for method chaining

ca_file(ca_file)[source]¶

Sets the path to the Certificate Authority (CA) PEM file.

The CA file contains the certificates used to verify the server’s identity. This method supports PEM-formatted certificate files for easy certificate management.

Parameters:: ca_file (str) – The path to the CA certificate PEM file
Return type:: TlsBuilder
Returns:: This TlsBuilder for method chaining

client_cert_file(cert_file)[source]¶

Sets the path to the client certificate PEM file for mutual TLS (mTLS).

Parameters:: cert_file (str) – The path to the client certificate PEM file
Return type:: TlsBuilder
Returns:: This TlsBuilder for method chaining

client_key_file(key_file)[source]¶

Sets the path to the client private key PEM file for mutual TLS (mTLS).

Parameters:: key_file (str) – The path to the client private key PEM file
Return type:: TlsBuilder
Returns:: This TlsBuilder for method chaining

protocols(*protocols)[source]¶

Sets the allowed TLS protocols.

Parameters:: *protocols (str) – The TLS protocols to allow (e.g., “TLSv1.2”, “TLSv1.3”)
Return type:: TlsBuilder
Returns:: This TlsBuilder for method chaining

ciphers(*ciphers)[source]¶

Sets the allowed TLS cipher suites.

Parameters:: *ciphers (str) – The cipher suite names to allow
Return type:: TlsBuilder
Returns:: This TlsBuilder for method chaining

for_login_only(for_login_only=True)[source]¶

Sets whether TLS should be used only for login/authentication.

Parameters:: for_login_only (bool) – If True, TLS is only used for authentication
Return type:: TlsBuilder
Returns:: This TlsBuilder for method chaining

done()[source]¶

Completes TLS configuration and returns to the parent ClusterDefinition.

Return type:: ClusterDefinition
Returns:: The parent ClusterDefinition for continued method chaining

is_tls_enabled()[source]¶

Check if TLS is enabled.

Return type:: bool

get_tls_name()[source]¶

Get the TLS name.

Return type:: Optional[str]

build_tls_config()[source]¶

Build a PAC TlsConfig from the builder state.

Return type:: Any
Returns:: A configured aerospike_async.TlsConfig, or None when no CA file has been set (TLS cannot be configured without one).