SSL with gremlinclient

Setting up SSL with gremlinclient is straightforward, but the details differ depending on which client you choose. The following demonstrates using SSL with both the aiohttp_client and tornado_client modules.

SSL certs and server config are generally up to the user, but for testing you can get going with OpenSSL self-signed certificates. Something like:

$ openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days XXX

Then add something like this to the conf/gremlin-server.yaml file:

ssl: {
  enabled: true,
  keyCertChainFile: /path/to/cert.pem,
  keyFile: /path/to/key.pem}

Okay, both aiohttp and Tornado use Python’s ssl module to create an ssl.SSLContext:

>>> import ssl
>>> sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
>>> sslcontext.load_cert_chain(
...     '/path/to/cert.pem', keyfile='/path/to/key.pem')
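
A bare ssl.SSLContext(ssl.PROTOCOL_SSLv23) leaves verify_mode at CERT_NONE and check_hostname off, so the client encrypts the connection but does not authenticate the server. The following is an added example (not part of the original page or of gremlinclient) that contrasts it with a context trusting only a given CA file; the function names and the cafile argument are assumptions made for illustration.

```python
import ssl
import warnings


def page_context():
    """The context as constructed above, without loading any certificate."""
    with warnings.catch_warnings():
        # PROTOCOL_SSLv23 is a deprecated alias of PROTOCOL_TLS on newer Pythons.
        warnings.simplefilter("ignore", DeprecationWarning)
        return ssl.SSLContext(ssl.PROTOCOL_SSLv23)


def verifying_context(cafile=None, certfile=None, keyfile=None):
    """Client context that authenticates the server.

    cafile: PEM file to trust, e.g. the self-signed cert.pem (assumed path);
            None falls back to the system trust store.
    certfile/keyfile: only needed when the server requests a client certificate.
    """
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if certfile:
        ctx.load_cert_chain(certfile, keyfile=keyfile)
    return ctx


def audit(ctx):
    """Return a list of findings for a client-side SSLContext."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("hostname is not checked against the certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 are allowed")
    return findings


if __name__ == "__main__":
    for name, ctx in (("page", page_context()),
                      ("verifying", verifying_context())):
        print(name, audit(ctx) or "ok")
```

Pass verifying_context(cafile='/path/to/cert.pem') wherever sslcontext is used on this page. The certificate must then name the host in the wss:// URL, otherwise the handshake fails.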

aiohttp_client

To set up SSL with aiohttp_client, use the aiohttp.TCPConnector class:

>>> import aiohttp
>>> connector = aiohttp.TCPConnector(ssl_context=sslcontext)

Then pass this object as a kwarg to submit, create_connection, GraphDatabase, or Pool:

>>> stream = yield from submit(
...     "wss://localhost:8182/", "1 + 1", connector=connector)

Don’t forget to use the “wss” protocol.

tornado_client

To set up SSL with tornado_client, we create a request_factory() that creates HTTPRequest objects with the ssl.SSLContext as a frozen kwarg and use this as our connector:

>>> from functools import partial
>>> from tornado import httpclient
>>> request_factory = partial(
...     httpclient.HTTPRequest, ssl_options=sslcontext)

Then pass this object as a kwarg to submit, create_connection, GraphDatabase, or Pool:

>>> stream = yield from submit(
...     "wss://localhost:8182/", "1 + 1", connector=request_factory)

Again, don’t forget to use the “wss” protocol.