Add generate_ssl() to TLS client as helper. (#2120)

Author: janiversen

API_changes.rst

@@ -3,6 +3,11 @@ API changes
 Versions (X.Y.Z) where Z > 0 e.g. 3.0.1 do NOT have API changes!
 
 
+API changes 3.7.0
+-----------------
+- class method generate_ssl() added to TLS client (sync/async).
+
+
 API changes 3.6.0
 -----------------
 - framer= is an enum: pymodbus.Framer, but still accept a framer class

pymodbus/client/tls.py

@@ -91,6 +91,27 @@ async def connect(self) -> bool:
         )
         return await self.base_connect()
 
+    @classmethod
+    def generate_ssl(
+        cls,
+        certfile: str | None = None,
+        keyfile: str | None = None,
+        password: str | None = None,
+    ) -> ssl.SSLContext:
+        """Generate sslctx from cert/key/password.
+
+        :param certfile: Cert file path for TLS server request
+        :param keyfile: Key file path for TLS server request
+        :param password: Password for for decrypting private key file
+
+        Remark:
+        - MODBUS/TCP Security Protocol Specification demands TLSv2 at least
+        - verify_mode is set to ssl.NONE
+        """
+        return CommParams.generate_ssl(
+            False, certfile=certfile, keyfile=keyfile, password=password
+        )
+
 
 class ModbusTlsClient(ModbusTcpClient):
     """**ModbusTlsClient**.
@@ -160,6 +181,28 @@ def __init__(
         )
         self.server_hostname = server_hostname
 
+
+    @classmethod
+    def generate_ssl(
+        cls,
+        certfile: str | None = None,
+        keyfile: str | None = None,
+        password: str | None = None,
+    ) -> ssl.SSLContext:
+        """Generate sslctx from cert/key/password.
+
+        :param certfile: Cert file path for TLS server request
+        :param keyfile: Key file path for TLS server request
+        :param password: Password for for decrypting private key file
+
+        Remark:
+        - MODBUS/TCP Security Protocol Specification demands TLSv2 at least
+        - verify_mode is set to ssl.NONE
+        """
+        return CommParams.generate_ssl(
+            False, certfile=certfile, keyfile=keyfile, password=password,
+        )
+
     @property
     def connected(self) -> bool:
         """Connect internal."""

pymodbus/transport/transport.py

@@ -106,7 +106,7 @@ def generate_ssl(
         password: str | None = None,
         sslctx: ssl.SSLContext | None = None,
     ) -> ssl.SSLContext:
-        """Generate sslctx from cert/key/passwor.
+        """Generate sslctx from cert/key/password.
 
         MODBUS/TCP Security Protocol Specification demands TLSv2 at least
         """