python requests use tls 1.2

Python Requests Use TLS 1.2

As a web developer, I have worked with various APIs and libraries for data transfer. One of the most popular ones is the Python Requests library which simplifies HTTP requests in Python. While working with Requests, I had to ensure that the data is transferred securely over HTTPS protocol. To accomplish this, I needed to utilize TLS 1.2 protocol.

What is TLS?

Transport Layer Security (TLS) is a cryptographic protocol that provides secure data transfer over the internet. It is the successor of SSL (Secure Sockets Layer) and is currently in its third version, TLS 1.3. TLS uses a combination of symmetric and asymmetric cryptography to establish a secure connection between the client and the server.

How to Use TLS 1.2 with Python Requests?

Python Requests library uses the underlying urllib3 library for making HTTP requests. To use TLS 1.2 protocol with Requests, we need to configure urllib3's SSL context to use TLS 1.2. We can achieve this by creating an SSL context object and passing it to the Requests session object.


import requests
import urllib3

# Create an SSL context object with TLS 1.2 protocol
ssl_context = urllib3.util.ssl_.create_urllib3_context(ssl_version=urllib3.util.ssl_.TLSVersion.TLSv1_2)

# Create a Requests session object with SSL context
session = requests.Session()
session.verify = True
session.mount('https://', requests.adapters.HTTPAdapter(pool_connections=100, pool_maxsize=100, ssl_context=ssl_context))

# Make a GET request with TLS 1.2 protocol
response = session.get('https://example.com')
print(response.content)

In the above code, we first create an SSL context object with TLS 1.2 protocol using the create_urllib3_context() method of urllib3. We then create a Requests session object and mount an HTTPAdapter with the SSL context object. Finally, we make a GET request to an HTTPS endpoint with TLS 1.2 protocol.

Alternative Way to Use TLS 1.2 with Python Requests

Another way to use TLS 1.2 protocol with Python Requests is to set the default SSL context to use TLS 1.2. We can achieve this by setting the DEFAULT_CIPHERS and DEFAULT_SSL_VERSION attributes of the ssl module.


import requests
import ssl

# Set default SSL context to use TLS 1.2
ssl_context = ssl.create_default_context()
ssl_context.set_ciphers('DEFAULT:@SECLEVEL=1')
ssl_context.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1
ssl_context.set_min_proto_version(ssl.TLSVersion.TLSv1_2)

# Make a GET request with TLS 1.2 protocol
response = requests.get('https://example.com', verify=True, timeout=10, headers={'User-Agent': 'Mozilla/5.0'}, cert=None, stream=False, allow_redirects=True, proxies=None, hooks=None, json=None, params=None, auth=None, cookies=None)

print(response.content)

In the above code, we first create a default SSL context object with TLS 1.2 protocol using the create_default_context() method of the ssl module. We then set the cipher suites to use SECLEVEL 1 and disable TLS 1.0 and 1.1 protocols. Finally, we make a GET request to an HTTPS endpoint with TLS 1.2 protocol.