[issue13288] SSL module doesn't allow access to cert issuer information

Antoine Pitrou Sat, 29 Oct 2011 06:57:37 -0700

Antoine Pitrou <pit...@free.fr> added the comment:

It's available in 3.3:


>>> ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
>>> ctx.verify_mode = ssl.CERT_REQUIRED
>>> ctx.set_default_verify_paths()
>>> with ctx.wrap_socket(socket.socket()) as sock:
...   sock.connect(("svn.python.org", 443))
...   cert = sock.getpeercert()
... 
>>> pprint.pprint(cert)
{'issuer': ((('organizationName', 'Root CA'),),
            (('organizationalUnitName', 'http://www.cacert.org'),),
            (('commonName', 'CA Cert Signing Authority'),),
            (('emailAddress', 'supp...@cacert.org'),)),
 'notAfter': 'Jan  9 20:50:13 2012 GMT',
 'notBefore': 'Jan  9 20:50:13 2010 GMT',
 'serialNumber': '0806E3',
 'subject': ((('commonName', 'svn.python.org'),),),
 'subjectAltName': (('DNS', 'svn.python.org'), ('othername', '<unsupported>')),
 'version': 3}

----------
nosy: +pitrou
resolution:  -> out of date
stage:  -> committed/rejected
status: open -> closed
type:  -> feature request
versions:  -Python 2.6, Python 2.7, Python 3.1, Python 3.2, Python 3.4

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue13288>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue13288] SSL module doesn't allow access to cert issuer information

Reply via email to