Python getting common name from URL using ssl.getpeercert()

by

If you just want to get the CN or other certificate details no matter if certificate validation succeeds or not, you have to disable the verification. Unfortunately a simple sock.getpeercert() will by design only return an empty dictionary if certificate validation is disabled. That’s why one has to use sock.getpeercert(True) to get the binary representation of the certificate and extract the CN using OpenSSL.crypto from it:

import socket
import ssl
import OpenSSL.crypto as crypto

dst = ('cds.ca',443)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(dst)

# upgrade the socket to SSL without checking the certificate
# !!!! don't transfer any sensitive data over this socket !!!!
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
s = ctx.wrap_socket(s, server_hostname=dst[0])

# get certificate
cert_bin = s.getpeercert(True)
x509 = crypto.load_certificate(crypto.FILETYPE_ASN1,cert_bin)
print("CN=" + x509.get_subject().CN)

More Related Contents:

  1. ssl.SSLError: tlsv1 alert protocol version
  2. Requests (Caused by SSLError(“Can’t connect to HTTPS URL because the SSL module is not available.”) Error in PyCharm requesting website
  3. Python requests.exceptions.SSLError: EOF occurred in violation of protocol
  4. Python requests SSL error – certificate verify failed
  5. HTTPS connection Python
  6. Issues with installing python libraries on Windows : CondaHTTPError: HTTP 000 CONNECTION FAILED for url
  7. Python: I need a code to auto login a website with HTTPS [closed]
  8. urllib and “SSL: CERTIFICATE_VERIFY_FAILED” Error
  9. pip install fails with “connection error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:598)”
  10. Python Requests throwing SSLError
  11. Python referencing old SSL version
  12. How do I disable the security certificate check in Python requests
  13. using requests with TLS doesn’t give SNI support
  14. How to add a custom CA Root certificate to the CA Store used by pip in Windows?
  15. How to get Python requests to trust a self signed SSL certificate?
  16. Python FTP implicit TLS connection issue
  17. Python and OpenSSL version reference issue on OS X
  18. “SSL: certificate_verify_failed” error when scraping https://www.thenewboston.com/
  19. Unable to install Python packages using pip in Ubuntu Linux: InsecurePlatformWarning, SSLError, tlsv1 alert protocol version
  20. OpenSSL errors in python requests
  21. Python Requests getting SSLerror
  22. pip: cert failed, but curl works
  23. Why do HTTPS requests produce SSL CERTIFICATE_VERIFY_FAILED error?
  24. Caused by SSLError(“Can’t connect to HTTPS URL because the SSL module is not available.”
  25. SSL error downloading NLTK data
  26. How do I disable the ssl check in python 3.x?
  27. “SSL certificate verify failed” using pip to install packages
  28. Connecting to ‘Explicit FTP over TLS’ in Python (??)
  29. How can I decode a SSL certificate using python?
  30. SSLError: sslv3 alert handshake failure

Leave a Comment