.. py:module:: docker.tls
Both the main :py:class:`~docker.client.DockerClient` and low-level :py:class:`~docker.api.client.APIClient` can connect to the Docker daemon with TLS.
This is all configured automatically for you if you're using :py:func:`~docker.client.from_env`, but if you need some extra control it is possible to configure it manually by using a :py:class:`TLSConfig` object.
For example, to check the server against a specific CA certificate:
tls_config = docker.tls.TLSConfig(ca_cert='/path/to/ca.pem', verify=True)
client = docker.DockerClient(base_url='<https_url>', tls=tls_config)This is the equivalent of docker --tlsverify --tlscacert /path/to/ca.pem ....
To authenticate with client certs:
tls_config = docker.tls.TLSConfig(
client_cert=('/path/to/client-cert.pem', '/path/to/client-key.pem')
)
client = docker.DockerClient(base_url='<https_url>', tls=tls_config)This is the equivalent of docker --tls --tlscert /path/to/client-cert.pem --tlskey /path/to/client-key.pem ....
.. autoclass:: TLSConfig()