Getting SSL certificate
Stuart D. Gathman
stuart at bmsi.com
Thu Nov 7 22:31:18 EST 2002
The httplib modules supports SSL, but does not check certificates. Fine,
but I couldn't find a way to get the server certificate to check it
myself. How do I get the server certificate from an HTTPSConnection
object? I dug down to where it calls the _socket C module, and still
didn't find anything that would fetch this info for me.
For this application, I just need to check for a specific name and
specific signer. I suppose checking that the signature is valid could get
involved, but I can't try until I can get the certificate. And attempting
to check with false positives is no worse than not checking at all.
Furthermore, when playing with urllib, proxies don't seem to work with the
https protocol. It passes the "https://host.com" url to the proxy server,
instead of using the proxy CONNECT request needed for SSL. Am I doing
something wrong? I set the proxy like this:
export https_proxy="http://myproxyhost:8081"
(And http_proxy works as expected.)
--
Stuart D. Gathman <stuart at bmsi.com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
More information about the Python-list
mailing list