By default, the Alibaba Cloud SDK V2.0 for Python uses HTTPS for all API requests and validates TLS certificates. You can override these defaults to meet compliance requirements or work in isolated test environments.
Client-level configuration (Config object)
Configure the protocol and minimum TLS version when you initialize the SDK client. These settings apply to all requests made by that client instance.
Set the request protocol
The SDK sends all requests over HTTPS by default. Override this only for legacy endpoints that do not support HTTPS.
HTTP sends all request data—including credentials—in plaintext. Use HTTP only in trusted, isolated environments.
from alibabacloud_tea_openapi.models import Config
# Use HTTP instead of the default HTTPS.
config = Config(
protocol='HTTP',
)Enforce a minimum TLS version
To meet security or compliance requirements, set a minimum TLS version for all requests made by the client. The SDK supports TLS 1.0, TLS 1.1, TLS 1.2, and TLS 1.3.
from alibabacloud_tea_openapi.models import Config
from Tea.core import TLSVersion
# Enforce TLS 1.2 as the minimum for all client requests.
config = Config(
protocol='HTTPS',
tls_min_version=str(TLSVersion.TLSv1_2)
)Request-level configuration (RuntimeOptions object)
Pass a RuntimeOptions object to override settings for a single API call. This is useful for temporarily disabling certificate validation during testing.
Disable TLS certificate validation
The SDK validates TLS certificates for all HTTPS requests by default. In some non-production environments—such as when using a proxy with a self-signed certificate—you may need to temporarily disable this validation.
Disabling certificate validation exposes requests to man-in-the-middle attacks. Use this option only for testing in trusted environments, and never in production code.
from alibabacloud_tea_util.models import RuntimeOptions
# Skip certificate validation for a single API call.
runtime_options = RuntimeOptions(
ignore_ssl=True
)