Python Connector for ASE

Connect to ASE from Python using SSL/TLS

Connecting to ASE using SSL/TLS

Transport Layer Security (TLS) is a security protocol for accessing remote machines over untrusted networks. A primary use case of TLS is encrypting the communication between web applications and servers. It runs on top of TCP/IP to secure client-server communications and allows a TLS-enabled client to authenticate itself to a TLS-enabled server and vice versa. TLS evolved from a previous encryption protocol called Secure Sockets Layer (SSL), and the terms TLS and SSL are sometimes used interchangeably.

During server authentication, the client application uses public-key cryptography (PKI) algorithms to verify the server's identity by checking that the server's certificate is issued by a trusted certificate authority (CA) and proves the ownership of the public key. Similarly, TLS client authentication allows the server to validate the client's identity. The client and server can also authenticate each other using self-signed certificates. However, you will only want to use a self-signed certificate for an internal network or a development server.

After establishing a TLS connection, the client and server can exchange symmetrically encrypted messages with a shared secret key. TLS is the recommended method for establishing a secure connection to ASE due to its more straightforward configuration and higher performance than SSH.

For more information about securing TCP/IP connections with TLS, see Enabling SSL in the ASE documentation.

Enable TLS on a connection

  1. Import the module. 
    import devart.ase
  2. Connect to a database using the connect() module method and obtain a connection object. 
    my_connection = devart.ase.connect(
    Server="your_server",
        Database="your_database",
        UserId="your_username",
        Password="your_password",
    UseSSL="True",
        SSLCACert="path_to_ca_cert",
        SSLCert="path_to_client_cert",
        SSLKey="path_to_client_key"
)

TLS parameters

The following table describes the TLS connection parameters.

Parameter

Description

UseSSL

Enables TLS connections.

SSLCACert

The CA certificate

SSLCert

The client certificate

SSLKey

The client private key

IgnoreServerCertificateValidity

Specifies whether to verify the server certificate validity period during a TLS handshake.

The possible values are True and False. The default value is True.

IgnoreServerCertificateConstraints

Specifies whether to verify the server certificate for compliance with constraints during a TLS handshake.

The possible values are True and False. The default value is True.

TrustServerCertificate

Specifies whether to verify the server certificate chain during a TLS handshake. By default, the connector verifies the entire certificate chain.

The possible values are True and False. If the parameter is set to True, the connector will bypass walking the certificate chain to validate trust.

IgnoreServerCertificateInsecurity

Specifes whether to verify the server certificate signature security during a TLS handshake.

The possible values are True and False. The default value is False.
© 2022-2025 Devart. All Rights Reserved. Request Support Python Connectors Forum Provide Feedback