Exemple #1
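 def obtain_cert_info(self):
     """Print details of the TLS certificate served by ``self.base_url``.

     Opens a TCP connection to ``(self.base_url, self.port)``, completes a
     TLS handshake and prints the subject and issuer common names, the
     validity window, MD5/SHA-1/SHA-256 thumbprints of the DER encoding,
     the negotiated cipher, the protocol version and the serial number.

     The context comes from ``ssl.create_default_context()``, so the chain
     and hostname are verified during the handshake. A certificate that
     fails verification raises ``ssl.SSLCertVerificationError`` and nothing
     is printed.

     Raises:
         OSError: the TCP connection could not be established.
         ssl.SSLError: the handshake or certificate verification failed.
         KeyError: the subject or issuer carries no ``commonName``
             (for example a certificate identified only by its SAN).
     """
     context = ssl.create_default_context()
     with socket.create_connection((self.base_url, self.port)) as socket_connection:
         with context.wrap_socket(socket_connection, server_hostname=self.base_url) as server_socket:
             # Decoded (dict) form; populated because the context verifies the peer.
             # For debugging: print(json.dumps(cert_info, indent=2, sort_keys=True))
             cert_info = server_socket.getpeercert()
             # 'subject' and 'issuer' are tuples of RDNs; x[0] is the first
             # (name, value) pair of each RDN.
             subject = dict(x[0] for x in cert_info['subject'])
             issued_to = subject['commonName']
             issuer = dict(x[0] for x in cert_info['issuer'])
             issued_by = issuer['commonName']
             valid_from = cert_info['notBefore']
             valid_to = cert_info['notAfter']
             serial_number = cert_info['serialNumber']

             # Raw DER bytes, fetched once and reused for every thumbprint.
             # ssl.DER_cert_to_PEM_cert(der_cert_bin) gives the PEM text if needed.
             der_cert_bin = server_socket.getpeercert(True)

             # MD5 and SHA-1 are shown only so the output can be matched against
             # legacy inventories; both are collision-prone, so use the SHA-256
             # value for pinning or for comparing certificates.
             thumb_md5 = hashlib.md5(der_cert_bin).hexdigest()
             thumb_sha1 = hashlib.sha1(der_cert_bin).hexdigest()
             thumb_sha256 = hashlib.sha256(der_cert_bin).hexdigest()

             print("issued_to: " + issued_to)
             print("issued_by: " + issued_by)
             print("valid_from: " + valid_from)
             # Fixed: this line previously printed valid_from a second time.
             print("valid_to: " + valid_to)
             print("MD5: " + thumb_md5)
             print("SHA1: " + thumb_sha1)
             print("SHA256: " + thumb_sha256)
             print("cipher: " + str(server_socket.cipher()))
             print("SSL/TLS version:  " + server_socket.version())
             print("serial_number: " + serial_number)
         # No explicit close(): the inner ``with`` has already closed the TLS socket.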
Exemple #2
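def get_num_days_before_expired(hostname: str, port: str = '443') -> int:
    """Return the number of whole days until the TLS certificate of *hostname* expires.

    The value is ``(notAfter - now).days`` computed in UTC, so it is negative
    once the certificate has expired.

    The certificate is read WITHOUT chain or hostname verification: the
    figure describes whatever certificate the peer presented, which an
    on-path attacker could substitute. Treat the result as monitoring data,
    not as evidence that the endpoint is trustworthy.

    Args:
        hostname: Host to connect to; also sent as the SNI server name.
        port: TCP port of the TLS service.

    Raises:
        OSError: the TCP connection could not be established.
        ssl.SSLError: the TLS handshake failed.
    """
    # NOTE(review): the original used a bare ssl.SSLContext(), which is
    # deprecated since Python 3.10 and performs no verification. The same
    # unverified behaviour is kept but spelled out explicitly, presumably so
    # that already-expired certificates can still be measured; confirm.
    context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    context.check_hostname = False  # must be cleared before CERT_NONE is allowed
    context.verify_mode = ssl.CERT_NONE

    with socket.create_connection((hostname, port)) as sock:
        with context.wrap_socket(sock, server_hostname=hostname) as ssock:
            # binary_form=True returns the DER bytes even when verification is off.
            der_cert = ssock.getpeercert(True)

    # Load the DER bytes directly; no PEM round trip is needed.
    x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_ASN1, der_cert)
    # get_notAfter() yields ASN.1 time such as b'YYYYMMDDhhmmssZ'; %z parses the 'Z'.
    cert_expires = datetime.strptime(
        x509.get_notAfter().decode('utf-8'), '%Y%m%d%H%M%S%z')
    return (cert_expires - datetime.now(timezone.utc)).days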