如何使用 python 下载 x509 证书

How to download x509 certificate using python(如何使用 python 下载 x509 证书)

问题描述

我需要将服务器证书下载为 DER 文件.我正在使用python.我可以使用此脚本连接到服务器，但我需要将证书下载到本地硬盘中，以便在下一阶段解析它.

I need to download servers certificates as DER file. I am using python. I could connect to the server using this script but I need to download the certificate locally in my hard disk so I can parse it in the next stage.

import socket, ssl
import OpenSSL

hostname='www.google.com'
port=443

context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_sock = context.wrap_socket(s, server_hostname=hostname)
ssl_sock.connect((hostname, port))
ssl_sock.close()
print("ssl connection Done")

cert = ssl.get_server_certificate((hostname, port))

# OpenSSL
x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)

推荐答案

您可以通过几个中间转换来保存 DER 文件:

You can save the DER file with a couple of intermediate transformations:

cert = ssl.get_server_certificate((hostname, port))
x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
der = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_ASN1, x509)
with open('/tmp/google.der', 'wb') as f: f.write(der)

这篇关于如何使用 python 下载 x509 证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持编程学习网！