in src/python/detectors/improper_certificate_validation/improper_certificate_validation.py [0:0]
def create_connection_compliant():
import socket
import ssl
host, port = 'example.com', 443
with socket.socket(socket.AF_INET) as sock:
context = ssl.SSLContext()
# Compliant: security certificate validation enabled.
context.verify_mode = ssl.CERT_REQUIRED
conn = context.wrap_socket(sock, server_hostname=host)
try:
conn.connect((host, port))
handle(conn)
finally:
conn.close()