Fredrik Lundh wrote:
Ghirai wrote:

Using urllib, is there any way i could access some info about the SSL certificate (when opening a https url)?

I'm really interested in the fingerprint.

I haven't been able to find anything so far.

you can get some info via (undocumented?) attributes on the file handle:

 >>> import urllib
 >>> f = urllib.urlopen("https://mail.google.com/";)
 >>> f.fp
<httplib.SSLFile instance at 0x00CE2508>
['issuer', 'read', 'server', 'write']
 >>> f.fp._ssl.issuer()
'/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA'
 >>> f.fp._ssl.server()
'/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com'

</F>

   If you really need details from the SSL cert, you usually have to use
M2Crypto.  The base SSL package doesn't actually do much with certificates.
It doesn't validate the certificate chain.  And those strings of
attributes you can get are ambiguious; data fields may contain unescaped
"/", which is the field separator.  I went through this last year and
had to use M2Crypto, which is something of a headache but more or less works.

                                John Nagle
--
http://mail.python.org/mailman/listinfo/python-list

Reply via email to